Sismics Teedy API Endpoint file access control_CVE-2025-11853

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in Sismics Teedy up to 1.11. This affects an unknown function of the file /api/file of the component API Endpoint. Executing manipulation can lead to improper access controls. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-11853

Source VulDB

Published Oct 16, 2025 at 19:02

Affected Product

Vendor Sismics

Product Teedy

Version 1.0

Affected Versions Sismics Teedy 1.0
Sismics Teedy 1.1
Sismics Teedy 1.2
Sismics Teedy 1.3
Sismics Teedy 1.4
Sismics Teedy 1.5
Sismics Teedy 1.6
Sismics Teedy 1.7
Sismics Teedy 1.8
Sismics Teedy 1.9
Sismics Teedy 1.10
Sismics Teedy 1.11

CWE Classification

CWE-284 CWE-266

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in Sismics Teedy up to 1.11. This affects an unknown function of the file /api/file of the component API Endpoint. Executing manipulation can lead to improper access controls. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-10-16T19:02:07.747Z",
    "modified": "2025-10-16T19:02:07.747Z",
    "type": "cve",
    "title": "Sismics Teedy API Endpoint file access control",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.328799\nhttps://vuldb.com/?ctiid.328799\nhttps://vuldb.com/?submit.657060\nhttps://docs.google.com/document/d/1PzTPCtavuLx_GwREvshGMQ8N5zFDmpe-OAR5kZwOZfE/edit?usp=sharing",
    "id": "CVE-2025-11853",
    "bulletinFamily": "",
    "cwe": [
        "CWE-284",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "Sismics Teedy 1.0\nSismics Teedy 1.1\nSismics Teedy 1.2\nSismics Teedy 1.3\nSismics Teedy 1.4\nSismics Teedy 1.5\nSismics Teedy 1.6\nSismics Teedy 1.7\nSismics Teedy 1.8\nSismics Teedy 1.9\nSismics Teedy 1.10\nSismics Teedy 1.11",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Teedy",
    "version": "1.0",
    "vendor": "Sismics",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}