CVE-2025-26375 | Nozomi Q-Free MaxTime up to 2.11.0 HTTP routes.lua authorization

Inserito da Angelo Barbosa | Feb 12, 2025 | CVE

A vulnerability classified as very critical has been found in Nozomi Q-Free MaxTime up to 2.11.0. Affected is an unknown function of the file maxprofile/users/routes.lua of the component HTTP Handler. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-26375. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-26375 | Nozomi Q-Free MaxTime up to 2.11.0 HTTP routes.lua authorization

Post correlati

CVE-2024-7455 | itsourcecode Tailoring Management System 1.0 partedit.php id sql injection

CVE-2024-21530 | cocoon up to 0.3.x Encryption nonce re-use (ID 22)

CVE-2024-4709 | Fluent Contact Form Plugin up to 5.1.16 on WordPress cross site scripting

CVE-2024-47113 | IBM Voice Gateway up to 1.0.8 XML xml injection