CVE-2025-70985

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions RuoYi version 4.8.2

Description An access control issue exists in the update function of the software. This allows unauthorized modification of data beyond the intended scope.

Recommendations Update to a newer version that contains a fix for this vulnerability.

Exploit

Fix

Improper Access Control

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-862

Related Identifiers

CVE-2025-70985

Affected Products

Ruoyi

CVE-2025-70985

Weakness Enumeration

Related Identifiers

Affected Products

References · 9