CVE-2025-48695 – CyberDAVA Privilege Escalation Vulnerability

May 23, 2025

CVE ID : CVE-2025-48695

Published : May 23, 2025, 5:15 a.m. | 3 hours, 34 minutes ago

Description : An issue was discovered in CyberDAVA before 1.1.20. A privilege escalation vulnerability allows a low-privileged user to escalate their privilege by abusing the following API due to the lack of access control: /api/v2/users/user//role/ROLE/ (admin access can be achieved).

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2394 – Ecovacs Home Android and iOS Mobile Apps Stored XSS Vulnerability

Next Article CVE-2025-5106 – Fujian Kelixun Filename Handler Os Command Injection Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Sam Altman says ChatGPT’s viral Ghibli effect “forced OpenAI to do a lot of unnatural things”

How to get started with Microsoft Copilot on Windows 11

Microsoft blocks employees from sending emails that mention “Palestine” or “Gaza”

I missed out on the Clair Obscur: Expedition 33 Collector’s Edition but thankfully, the developers are launching something special

Perficient is Shaping the Future of Salesforce Innovation

Perficient is Shaping the Future of Salesforce Innovation

Opal – Optimizely’s AI-Powered Marketing Assistant

Content Compliance Without the Chaos: How Optimizely CMP Empowers Financial Services Marketers

Sam Altman says ChatGPT’s viral Ghibli effect “forced OpenAI to do a lot of unnatural things”

Sam Altman says ChatGPT’s viral Ghibli effect “forced OpenAI to do a lot of unnatural things”

How to get started with Microsoft Copilot on Windows 11

Microsoft blocks employees from sending emails that mention “Palestine” or “Gaza”

CVE-2025-48695 – CyberDAVA Privilege Escalation Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-47149 – i-FILTER Anti-Virus & Sandbox Pattern File Validation Remote Code Execution/DoS Vulnerability

Charting Your Course to Success: A Guide to Crafting Powerful OKRs for Product Development

CVE-2025-25046 – IBM InfoSphere Information Server DataStage Flow Designer Information Disclosure

LWiAI Podcast #207 – GPT 4.1, Gemini 2.5 Flash, Ironwood, Claude Max

Will super-smart AI be attacking us anytime soon?

Diablo 4 Season 9 Campfire — Overpower gets a massive nerf, and Blizzard addresses player feedback on the Reliquary

Learn Continuous Integration, Delivery, and Deployment with GitHub Actions, Docker, and Google Cloud Run

CVE-2025-4095 – Docker Desktop MacOS Registry Access Bypass Vulnerability

Marqo Releases Marqo-FashionCLIP and Marqo-FashionSigLIP: A Family of Embedding Models for E-Commerce and Retail

CVE-2025-48695 – CyberDAVA Privilege Escalation Vulnerability

Related Posts