CVE-2025-40670 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by s…
High CVSS: 7.1

CVE-2025-40670

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by sending a POST request to /PC/frmGestionUser.aspx/updateUser.
Vendor
Tcman
Product
Gim
CWE
CWE-863
Yayın Tarihi
2025-06-09 13:15:22
Güncelleme
2025-10-06 19:35:55
Source Identifier
cve-coordination@incibe.es
KEV Date Added
-

Kategoriler

CWE-863 Gim HIGH Tcman 2025

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-1