5 matches found
CVE-2025-2875
CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller’s webserver URL to access resources...
CVE-2025-2875
creationtimestamp| type| source ---|---|--- 2025-05-14 09:19:30+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp4o2rva3o32 2025-05-14 09:31:58+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16295 2025-05-20 10:00:00+00:00| seen|...
CVE-2025-2875
CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller’s webserver URL to access resources...
CVE-2025-2875
CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller’s webserver URL to access resources...
CVE-2025-2875
The CVE-2025-2875 entry concerns Schneider Electric Modicon Controllers: M241/M251 (pre-5.3.12.48) and M258/LMC058 (all versions) are affected by CWE-610, allowing an unauthenticated attacker to manipulate the controller’s webserver URL to access resources, leading to confidentiality loss. The PT...