5 matches found
CVE-2025-57605
Lack of server-side authorisation on department admin assignment APIs in AiKaan IoT Platform allows authenticated users to elevate their privileges by assigning themselves as admins of other departments. This results in unauthorized privilege escalation across the department...
CVE-2025-57605
Lack of server-side authorisation on department admin assignment APIs in AiKaan IoT Platform allows authenticated users to elevate their privileges by assigning themselves as admins of other departments. This results in unauthorized privilege escalation across the department...
CVE-2025-57605
Lack of server-side authorisation on department admin assignment APIs in AiKaan IoT Platform allows authenticated users to elevate their privileges by assigning themselves as admins of other departments. This results in unauthorized privilege escalation across the department...
CVE-2025-57605
CVE-2025-57605 affects AiKaan IoT Platform: lack of server-side authorization on department admin assignment APIs allows authenticated users to elevate privileges by assigning themselves as admins of other departments, leading to unauthorized privilege escalation across the department. Documented...
PT-2025-38732
Name of the Vulnerable Software and Affected Versions AiKaan IoT Platform affected versions not specified Description A missing server-side authorization check in the department admin assignment APIs within the AiKaan IoT Platform permits authenticated users to gain elevated privileges...