CVE-2025-8325 | WSO2 API Control Plane Gateway API permissions

Inserito da Angelo Barbosa | Mag 11, 2026 | CVE

A vulnerability was found in WSO2 API Control Plane, Universal Gateway, Traffic Manager, API Manager, Carbon API Management Implementation and Carbon API Manager Rest API Utility. It has been declared as critical. Affected is an unknown function of the component Gateway API. The manipulation results in preservation of permissions.

This vulnerability is reported as CVE-2025-8325. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2025-8325 | WSO2 API Control Plane Gateway API permissions

Post correlati

CVE-2025-54382 | CherryHQ cherry-studio 1.5.1 Oauth Auth Redirection Endpoint os command injection

CVE-2025-45029 | WINSTAR WN572HP3 v230525 /cgi-bin/upload.cgi CONTENT_LENGTH heap-based overflow

CVE-2024-23083 | Time4J Base 5.9.3 useDefaultWeekmodel null pointer dereference

CVE-2025-9115 | Frédéric Sheedy Etsy Shop Plugin up to 3.0.6 on WordPress $_SERVER[‘REQUEST_URI’] cross site scripting