CVE-2025-54767

Medium CVSS: 6.5

An authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user.

Vendor

Product

CWE

Yayın Tarihi

2025-07-29 00:15:24

Güncelleme

2025-11-03 20:19:14

Source Identifier

bbf0bd87-ece2-41be-b873-96928ee8fab9

KEV Date Added

CWE-648 Lpar2rrd MEDIUM Xorux 2025

https://korelogic.com/Resources/Advisories/KL-001-2025-014.txt https://lpar2rrd.com/note800.php http://seclists.org/fulldisclosure/2025/Jul/17

Medium

CVE-2025-54766

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level…

Medium

CVE-2025-54768

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level…

High

CVE-2025-54769

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in…

Medium

CVE-2025-54765

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level…