CVE-2025-7948 in jshERPالمعلومات

الملخص

بحسب MITRE • 22/07/2025

A vulnerability classified as problematic was found in jshERP up to 3.5. Affected by this vulnerability is an unknown functionality of the file /jshERP-boot/user/updatePwd. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulDB

إفشاء

22/07/2025

الاعتدال

تمت الموافقة

إدخال

VDB-317089

CPE

جاهز

CWE

CWE-640 (مؤكد)

استغلال

تحميل

CVSS

6.5 (NVD)

EPSS

0.00189

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-7948
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-7948
CVE Details	https://www.cvedetails.com/cve/CVE-2025-7948/

التالي ▸نظرة عامة ◂ السابق

Do you know our Splunk app?

Download it now for free!