CVE-2025-11853

Medium CVSS: 5.3

A vulnerability was determined in Sismics Teedy up to 1.11. This affects an unknown function of the file /api/file of the component API Endpoint. Executing a manipulation can lead to improper access controls. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Sismics

Product

Teedy

CWE

CWE-266

Yayın Tarihi

2025-10-16 19:15:32

Güncelleme

2026-02-24 08:16:17

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Teedy MEDIUM Sismics 2025

Referanslar

https://docs.google.com/document/d/1PzTPCtavuLx_GwREvshGMQ8N5zFDmpe-OAR5kZwOZfE/edit?usp=sharing https://vuldb.com/?ctiid.328799 https://vuldb.com/?id.328799 https://vuldb.com/?submit.657060

Benzer Kayıtlar

High

CVE-2024-54851

Teedy

Critical

CVE-2024-54852

When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of the login form is vulnera…

High

CVE-2025-22963

Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.