CVE-2025-9760

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Portabilis i-Educar versions up to 2.10

Description A weakness exists in the Matricula API component of Portabilis i-Educar. The issue affects an unknown part of the file /module/Api/aluno. Manipulation of this component can lead to improper authorization. The attack can be launched remotely, and the exploit has been made publicly available.

Recommendations Versions prior to 2.10 should be updated. As a temporary workaround, restrict access to the /module/Api/aluno file to minimize the risk of exploitation.

Exploit

Fix

Improper Authorization

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285CWE-266

Related Identifiers

CVE-2025-9760

Affected Products

Portabilis I-Educar

CVE-2025-9760

Weakness Enumeration

Related Identifiers

Affected Products

References · 12