CVE-2025-7948 in jshERPinformação

Sumário

de MITRE • 22/07/2025

A vulnerability classified as problematic was found in jshERP up to 3.5. Affected by this vulnerability is an unknown functionality of the file /jshERP-boot/user/updatePwd. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulDB

Divulgação

22/07/2025

Moderação

aceite

Entrada

VDB-317089

CPE

pronto

CWE

CWE-640 (confirmado)

Exploração

Descarregar

CVSS

6.5 (NVD)

EPSS

0.00189

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-7948
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-7948
CVE Details	https://www.cvedetails.com/cve/CVE-2025-7948/

◂ Voltar Visão Geral Próximo ▸

Do you know our Splunk app?

Download it now for free!