elunez eladmin SysLogController 1 queryErrorLogDetail improper authorization_CVE-2025-10084

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

Basic Information

ID CVE-2025-10084

Source VulDB

Published Sep 8, 2025 at 05:02

Affected Product

Vendor elunez

Product eladmin

Version 2.0

Affected Versions elunez eladmin 2.0
elunez eladmin 2.1
elunez eladmin 2.2
elunez eladmin 2.3
elunez eladmin 2.4
elunez eladmin 2.5
elunez eladmin 2.6
elunez eladmin 2.7

CWE Classification

CWE-285 CWE-266

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.",
    "published": "2025-09-08T05:02:16.024Z",
    "modified": "2025-09-08T05:02:16.024Z",
    "type": "cve",
    "title": "elunez eladmin SysLogController 1 queryErrorLogDetail improper authorization",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.323040\nhttps://vuldb.com/?ctiid.323040\nhttps://vuldb.com/?submit.644658\nhttps://www.cnblogs.com/aibot/p/19063331",
    "id": "CVE-2025-10084",
    "bulletinFamily": "",
    "cwe": [
        "CWE-285",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "elunez eladmin 2.0\nelunez eladmin 2.1\nelunez eladmin 2.2\nelunez eladmin 2.3\nelunez eladmin 2.4\nelunez eladmin 2.5\nelunez eladmin 2.6\nelunez eladmin 2.7",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "eladmin",
    "version": "2.0",
    "vendor": "elunez",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}