CVE-2025-46659

High CVSS: 7.5

An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can occur via an external HTTPS request.

Vendor

Product

CWE

Yayın Tarihi

2025-08-06 20:15:30

Güncelleme

2025-10-02 17:28:18

Source Identifier

cve@mitre.org

KEV Date Added

CWE-200 Exonaut HIGH 4cstrategies 2025

https://gist.github.com/Jowu73/a393a8de99f2dbefcca7d9727c412dff https://www.4cstrategies.com/solutions/exonaut/

Medium

CVE-2024-55401

An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.

Medium

CVE-2025-46660

An issue was discovered in 4C Strategies Exonaut 21.6. Passwords, stored in the database, are hashed without a salt.

Medium

CVE-2024-55399

4C Strategies Exonaut before v21.6.2.1-1 was discovered to contain a Server-Side Request Forgery (SSRF).

Medium

CVE-2024-55402

4C Strategies Exonaut before v22.4 was discovered to contain an access control issue.

Medium

CVE-2024-55398

4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions.

Critical

CVE-2025-46658

An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. There are verbose error messages.