CVE-2025-46658

Critical CVSS: 9.8

An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. There are verbose error messages.

Vendor

Product

CWE

Yayın Tarihi

2025-08-05 16:15:29

Güncelleme

2025-10-02 17:38:21

Source Identifier

cve@mitre.org

KEV Date Added

CWE-209 Exonaut CRITICAL 4cstrategies 2025

https://gist.github.com/Jowu73/005ca4f85b27fb272a4e62e373341fa5 https://www.4cstrategies.com/solutions/exonaut/

Medium

CVE-2024-55401

An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.

Medium

CVE-2025-46660

An issue was discovered in 4C Strategies Exonaut 21.6. Passwords, stored in the database, are hashed without a salt.

Medium

CVE-2024-55399

4C Strategies Exonaut before v21.6.2.1-1 was discovered to contain a Server-Side Request Forgery (SSRF).

Medium

CVE-2024-55402

4C Strategies Exonaut before v22.4 was discovered to contain an access control issue.

Medium

CVE-2024-55398

4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions.

High

CVE-2025-46659

An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can occur via an external HT…