Resource Control Vulnerability in Benner ModernaNet
CVE-2025-1642

5.3MEDIUM

Key Information:

Vendor
Benner
Status
Modernanet
Vendor
CVE Published:
25 February 2025

Summary

A vulnerability exists in Benner ModernaNet versions prior to 1.1.1, specifically in the /AGE0000700/GetImageMedico?fooId=1 file. This issue arises from improper handling of the 'fooId' parameter, allowing attackers to manipulate resource identifiers and potentially gain unauthorized access to critical resources. The vulnerability can be exploited remotely, highlighting the need for immediate action. Users are advised to upgrade to version 1.1.1 to mitigate this risk effectively.

Affected Version(s)

ModernaNet 1.0

ModernaNet 1.1

References

https://vuldb.com/?id.296692
vdb-entrytechnical-description
https://vuldb.com/?ctiid.296692
signaturepermissions-required
https://vuldb.com/?submit.499877
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

y4g0 (VulDB User)
.