216.73.217.172

CVE-2025-1421

· Published 21/05/2025 13:16 · Modified 21/05/2025 20:24

Labels: CVE-2025-1421 2025-05-21CVE-2025-1421CWE-1236[email protected]

Essential information

Published
21/05/2025 13:16
Modified
21/05/2025 20:24
Author
Creator
CVSS
2.4 LOW (v3) 2.4 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Data provided in a request performed to the server while activating a new device are put in a database. Other high privileged users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker could gain remote access to the user's PC. This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
konsola / proget cpe:2.3:a:konsola:proget:2.17.5:*:*:*:*:*:*:*

References