CVE-2025-59686 | Kazaar 1.25.12 documents order-id privilege escalation

Inserito da Angelo Barbosa | Ott 1, 2025 | CVE

A vulnerability classified as critical has been found in Kazaar 1.25.12. Impacted is an unknown function of the file /api/v1/org-id/orders/order-id/documents. Performing manipulation of the argument order-id results in privilege escalation.

This vulnerability is identified as CVE-2025-59686. The attack can only be performed from the local network. There is not any exploit available.

CVE-2025-59686 | Kazaar 1.25.12 documents order-id privilege escalation

Post correlati

CVE-2023-6575 | Beijing Baichuo S210 up to 20231121 HTTP POST Request /Tool/repair.php txt sql injection

CVE-2024-32988 | i-plug OfferBox App on Android/iOS hard-coded key

CVE-2025-54881 | mermaid up to 11.9.0 cross site scripting (GHSA-7rqq-prvp-x9jh)

CVE-2024-34193 | smanga 3.2.7 file path traversal