cvelist/2025/1xxx/CVE-2025-1642.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2025-1642",
        "ASSIGNER": "cna@vuldb.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been declared as critical. This vulnerability affects unknown code of the file /AGE0000700/GetImageMedico?fooId=1. The manipulation of the argument fooId leads to improper control of resource identifiers. The attack can be initiated remotely. Upgrading to version 1.1.1 is able to address this issue. It is recommended to upgrade the affected component."
            },
            {
                "lang": "deu",
                "value": "In Benner ModernaNet bis 1.1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /AGE0000700/GetImageMedico?fooId=1. Dank der Manipulation des Arguments fooId mit unbekannten Daten kann eine improper control of resource identifiers-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Ein Aktualisieren auf die Version 1.1.1 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Improper Control of Resource Identifiers",
                        "cweId": "CWE-99"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Benner",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "ModernaNet",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "1.0"
                                        },
                                        {
                                            "version_affected": "=",
                                            "version_value": "1.1"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://vuldb.com/?id.296692",
                "refsource": "MISC",
                "name": "https://vuldb.com/?id.296692"
            },
            {
                "url": "https://vuldb.com/?ctiid.296692",
                "refsource": "MISC",
                "name": "https://vuldb.com/?ctiid.296692"
            },
            {
                "url": "https://vuldb.com/?submit.499877",
                "refsource": "MISC",
                "name": "https://vuldb.com/?submit.499877"
            },
            {
                "url": "https://github.com/yago3008/cves",
                "refsource": "MISC",
                "name": "https://github.com/yago3008/cves"
            }
        ]
    },
    "credits": [
        {
            "lang": "en",
            "value": "y4g0 (VulDB User)"
        }
    ],
    "impact": {
        "cvss": [
            {
                "version": "3.1",
                "baseScore": 4.3,
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "baseSeverity": "MEDIUM"
            },
            {
                "version": "3.0",
                "baseScore": 4.3,
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "baseSeverity": "MEDIUM"
            },
            {
                "version": "2.0",
                "baseScore": 4,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N"
            }
        ]
    }
}