CVE-2025-57130 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6.07 allows a remote, authenticated attacker to escalate their p…
High CVSS: 8.3

CVE-2025-57130

An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6.07 allows a remote, authenticated attacker to escalate their privileges. By sending a specially crafted HTTP request, a low-privilege user can access and modify the profile data of any other user, including administrators.
Vendor
Zwiicms
Product
Zwiicms
CWE
CWE-284
Yayın Tarihi
2025-11-05 16:15:40
Güncelleme
2026-02-02 16:32:11
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-284 Zwiicms HIGH Zwiicms 2025

Referanslar

http://zwiicms.com https://blog.nivel4.com/noticias/cve-2025-57130-especialistas-de-nivel4-identifican-falla-de-alta-severidad-en-gestor-de-contenidos