CVE-2025-54765
Last modified
CVE-2025-54765 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to import the appliance configuration, allowing an attacker to control the configuration of the appliance, to include granting themselves administrative level permissions.. EPSS estimates a 6.45% chance of exploitation in the next 30 days.
Description
An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to import the appliance configuration, allowing an attacker to control the configuration of the appliance, to include granting themselves administrative level permissions.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Xorux | Xormon | <= 1.8.0 |
References
- https://korelogic.com/Resources/Advisories/KL-001-2025-013.txtExploit, Third Party Advisory
- https://xormon.com/note190.phpRelease Notes
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2025-54765?
How severe is CVE-2025-54765?
How do I fix CVE-2025-54765?
Are you affected by CVE-2025-54765?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST