ГлавнаяУязвимости → CVE-2025-0745
7.5высокая

CVE-2025-0745

Описание

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain the backups of the database by requesting the "/embedai/app/uploads/database/<SQL_FILE>" endpoint.

Затрагиваемое ПО
Thesamur Embedai
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-embedai