CVE-2025-48862

Name of the Vulnerable Software and Affected Versions: ctrlX OS (affected versions not specified)

Description: Ambiguous wording in the web interface of the setup mechanism could lead a user to believe that the backup file is encrypted when a password is set. However, only the private key – if available in the backup – is encrypted, while the backup file itself remains unencrypted.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.