CVE-2025-54876 | JanssenProject jans up to 1.9.0 cli_cmd.log insufficiently protected credentials (GHSA-2f4x-m695-jvp3)

Inserito da Angelo Barbosa | Ago 6, 2025 | CVE

A vulnerability has been found in JanssenProject jans up to 1.9.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file cli_cmd.log. The manipulation leads to insufficiently protected credentials.

This vulnerability is known as CVE-2025-54876. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-54876 | JanssenProject jans up to 1.9.0 cli_cmd.log insufficiently protected credentials (GHSA-2f4x-m695-jvp3)

Post correlati

CVE-2024-4350 | Concrete CMS up to 8.5.17/9.3.2 RSS Displayer cross site scripting

CVE-2024-8521 | Wavelog up to 1.8.0 Live QSO /qso index manual cross site scripting

CVE-2022-40732 | Microsoft Windows 11/Server 2022 win32kbase.sys DirectComposition null pointer dereference (TALOS-2022-1514)

CVE-2024-7465 | TOTOLINK CP450 4.1.0cu.747_B20191224 /cgi-bin/cstecgi.cgi loginauth http_host buffer overflow