CVE-2025-10084 | elunez eladmin up to 2.7 SysLogController /api/logs/error/1 queryErrorLogDetail improper authorization

Inserito da Angelo Barbosa | Set 7, 2025 | CVE

A vulnerability has been found in elunez eladmin up to 2.7 and classified as problematic. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization.

This vulnerability is traded as CVE-2025-10084. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-10084 | elunez eladmin up to 2.7 SysLogController /api/logs/error/1 queryErrorLogDetail improper authorization

Post correlati

CVE-2024-28806 | Italtel i-MCS NFV 12.1.0-20211215 unrestricted upload

CVE-2024-22453 | Dell PowerEdge Platform prior 1.19.0/2.14.0/2.19.0 BIOS heap-based overflow (dsa-2024-105)

CVE-2024-47873 | PHPOffice PhpSpreadsheet up to 1.29.3/2.1.2/2.3.1/3.3.x scan/findCharSet xml external entity reference (GHSA-jw4x-v69f-hh5w)

CVE-2024-12754 | AnyDesk up to 7.0.9 link following (ZDI-24-1711)