CVE-2025-4552 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability has been found in ContiNew Admin up to 3.6.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the fi…
Medium CVSS: 5.3

CVE-2025-4552

A vulnerability has been found in ContiNew Admin up to 3.6.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dev-api/system/user/1/password. The manipulation leads to unverified password change. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Vendor
Continew
Product
Continew Admin
CWE
CWE-620
Yayın Tarihi
2025-05-12 00:15:16
Güncelleme
2025-11-10 15:00:19
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-620 Continew Admin MEDIUM Continew 2025

Referanslar

https://github.com/uglory-gll/javasec/blob/main/continew-admin.md#21dev-apisystemuser1password-only-assigning-password-reset-permission-can-reset-the-super-administrator-password https://vuldb.com/?ctiid.308299 https://vuldb.com/?id.308299 https://vuldb.com/?submit.567572