CVE-2025-41012 | TCMAN GIM 20250304 /WS/PDAWebService.asmx UnlockUser pda:userId/pda:newPassword authorization

Inserito da Angelo Barbosa | Dic 2, 2025 | CVE

A vulnerability was found in TCMAN GIM 20250304. It has been declared as problematic. Affected by this issue is the function UnlockUser of the file /WS/PDAWebService.asmx. Executing manipulation of the argument pda:userId/pda:newPassword can lead to missing authorization.

This vulnerability is registered as CVE-2025-41012. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-41012 | TCMAN GIM 20250304 /WS/PDAWebService.asmx UnlockUser pda:userId/pda:newPassword authorization

Post correlati

CVE-2025-20905 | Samsung Mobile Devices out-of-bounds write

CVE-2024-39678 | XjSv Cooked Plugin up to 1.7.15.4 on WordPress cross-site request forgery (GHSA-pp3h-ghxf-r9pc)

CVE-2024-21040 | Oracle Complex Maintenance, Repair, and Overhaul up to 12.2.13 LOV Remote Code Execution

CVE-2024-0573 | Totolink LR1200GB 9.1.0u.6619_B20230130 /cgi-bin/cstecgi.cgi setDiagnosisCfg ip stack-based overflow