elunez eladmin LocalStorageController deleteFile improper authorization_CVE-2025-9937

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in elunez eladmin 1.1. Impacted is the function deleteFile of the component LocalStorageController. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited.

Basic Information

ID CVE-2025-9937

Source VulDB

Published Sep 3, 2025 at 23:32

Affected Product

Vendor elunez

Product eladmin

Version 1.1

Affected Versions elunez eladmin 1.1

CWE Classification

CWE-285 CWE-266

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in elunez eladmin 1.1. Impacted is the function deleteFile of the component LocalStorageController. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited.",
    "published": "2025-09-03T23:32:07.846Z",
    "modified": "2025-09-03T23:32:07.846Z",
    "type": "cve",
    "title": "elunez eladmin LocalStorageController deleteFile improper authorization",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.322339\nhttps://vuldb.com/?ctiid.322339\nhttps://vuldb.com/?submit.643392\nhttps://www.cnblogs.com/aibot/p/19063329",
    "id": "CVE-2025-9937",
    "bulletinFamily": "",
    "cwe": [
        "CWE-285",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "elunez eladmin 1.1",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "eladmin",
    "version": "1.1",
    "vendor": "elunez",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}