CVE-2026-47101
LiteLLM prior to 1.83.14 is affected. An authenticated internal_user can generate API keys where allowed_routes may include admin-only routes, bypassing role-based access controls because the system does not verify that the requested routes fall within the creator’s permissions. This enables priv...
GHSA-X5W9-XH9R-MVFC Caddy: Remote Admin Authorization Bypass in `/config` API via Array Index Normalization
This report is not about a normal textual prefix-expansion case. The issue here is that the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different confi...
PT-2026-41964
Name of the Vulnerable Software and Affected Versions: Caddy versions 2.4.0 through 2.11.2
Description: An authorization-to-object mismatch exists in the remote admin functionality. The authorization layer uses string prefix matching, while the /config traversal layer parses array indices numerical...
CVE-2025-66415 fastify-reply-from bypass of reply forwarding
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is...
CVE-2025-60291
The CVE-2025-60291 issue affects eTimeTrackLite Web (version 12.0 and earlier, as of 20250704) and is caused by a permission-control flaw that lets unauthenticated attackers access certain routes and alter database connection configurations. Multiple sources (Red Hat, ENISA/EUVD, CIRCL, NVD, CNNV...
CVE-2025-60291
An issue was discovered in eTimeTrackLite Web through 12.0 20250704. There is a permission control flaw that allows unauthorized attackers to access specific routes and modify database connection configurations...
PT-2024-24085 · DocsGPT
Name of the Vulnerable Software and Affected Versions: DocsGPT versions prior to 0.8.1
Description: The issue is related to an unauthenticated limited file write in routes.py. This allows for unauthorized access to write files, potentially leading to further exploitation. The estimated number of...
Routes behind a firewall are accessible even when not logged in
More info at https://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released...