CVE-2025-27847 | ESPEC North America Web Controller 3 up to 3.3.7 /api/v4/auth/ privilege escalation

Inserito da Angelo Barbosa | Ago 14, 2025 | CVE

A vulnerability, which was classified as problematic, was found in ESPEC North America Web Controller 3 up to 3.3.7. This affects an unknown part of the file /api/v4/auth/. The manipulation leads to privilege escalation.

This vulnerability is uniquely identified as CVE-2025-27847. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-27847 | ESPEC North America Web Controller 3 up to 3.3.7 /api/v4/auth/ privilege escalation

Post correlati

CVE-2024-8178 | FreeBSD ctl_write_buffer/ctl_read_buffer uninitialized resource

CVE-2024-52378 | Labs64 DigiPass Plugin up to 0.3.0 on WordPress path traversal

CVE-2024-4106 | Yokogawa Electric FAST TOOLS/CI Server empty password in configuration file

CVE-2024-3640 | Rockwell Automation Factory Talk Remote Access up to 13.5.0.174 FTRA Installer Package unquoted search path (icsa-24-135-01)