CVE-2025-27532

Severity CVSS v4.0:
Pending analysis
Type:
CWE-312 Cleartext Storage of Sensitive Information
Publication date:
30/04/2025
Last modified:
02/05/2025

Description

A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to access secret information via multiple crafted HTTP requests.

References to Advisories, Solutions, and Tools