CVE-2025-1421 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Data provided in a request performed to the server while activating a new device are put in a database. Other high privileged users might download this data as…
Low CVSS: 2.4

CVE-2025-1421

Data provided in a request performed to the server while activating a new device are put in a database. Other high privileged users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker could gain remote access to the user's PC.


This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).
Vendor
-
Product
-
CWE
CWE-1236
Yayın Tarihi
2025-05-21 13:16:02
Güncelleme
2025-05-21 20:24:58
Source Identifier
cvd@cert.pl
KEV Date Added
-

Kategoriler

CWE-1236 LOW 2025

Referanslar

https://cert.pl/en/posts/2025/05/CVE-2025-1415 https://proget.pl/en/mobile-device-management/