CVE-2025-1643

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Benner ModernaNet versions up to 1.1.0

Description A vulnerability was found in the processing of the file /DadosPessoais/SG AlterarSenha, leading to cross-site request forgery. The attack may be initiated remotely. Upgrading to version 1.1.1 is able to address this issue.

Recommendations For Benner ModernaNet versions up to 1.1.0, upgrade to version 1.1.1 to address the issue. As a temporary workaround, consider restricting access to the /DadosPessoais/SG AlterarSenha file until the upgrade is applied.

Exploit

Fix

Missing Authorization

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862CWE-352

Related Identifiers

CVE-2025-1643

Affected Products

Benner Modernanet

CVE-2025-1643

Weakness Enumeration

Related Identifiers

Affected Products

References · 9