Permission Management and Access Control Vulnerability in GoldenDB Database by ZTE
CVE-2025-46576

6.5MEDIUM

Key Information:

Vendor: Zte
Status: Goldendb
Vendor: CVE Published:; 27 April 2025

What is CVE-2025-46576?

A vulnerability in the GoldenDB database exposes the system to unauthorized access through improper Permission Management and Access Control. Attackers can exploit this flaw by manipulating requests, allowing them to bypass privilege restrictions and potentially delete critical content within the database. Organizations using GoldenDB should take immediate steps to review and strengthen their access control mechanisms.

Affected Version(s)

GoldenDB Linux 6.1.03.09 <= 6.1.03.10

GoldenDB Linux Lite7.2.01.01

GoldenDB Linux 7.2.01.01

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bullet...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 27, 2025
Vulnerability Reserved
Apr 25, 2025

JSON

Zte

What is CVE-2025-46576?

Affected Version(s)

References

CVSS V3.1

Timeline