CVE-2025-48024 | BlueWave Checkmate up to 2.0 /api/v1/settings exposure of sensitive system information to an unauthorized control sphere (GHSA-jjmg-cjr4-439m)

Inserito da Angelo Barbosa | Mag 15, 2025 | CVE

A vulnerability, which was classified as problematic, was found in BlueWave Checkmate up to 2.0. Affected is an unknown function of the file /api/v1/settings. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere.

This vulnerability is traded as CVE-2025-48024. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-48024 | BlueWave Checkmate up to 2.0 /api/v1/settings exposure of sensitive system information to an unauthorized control sphere (GHSA-jjmg-cjr4-439m)

Post correlati

CVE-2024-5581 | Allegra unzipFile path traversal (ZDI-24-1164)

CVE-2025-24786 | clidey whodb prior 0.45.0 /db Join path traversal (GHSA-9r4c-jwx3-3j76)

CVE-2024-20914 | Oracle ZFS Storage Appliance Kit 8.8 Core information disclosure

CVE-2024-24898 | openEuler Kernel prior 4.19.90-2403.4.0.0244 information disclosure