CVE 9.3 CRITICAL

SUNNET Corporate Training Management System – Missing Authorization_CVE-2025-54943

August 29, 2025 invoker category_cve
9.3 / 10
CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks.

Basic Information

ID CVE-2025-54943
Source ZUSO ART
Published Aug 30, 2025 at 03:42

Affected Product

Vendor SUNNET Technology Co., Ltd.
Product Corporate Training Management System
Affected Versions SUNNET Technology Co., Ltd. Corporate Training Management System 0

CWE Classification

CWE-862

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.