How severe is CVE-2025-0425?

This vulnerability has a severity rating of HIGH with a CVSS score of N/A out of 10.

What type of vulnerability is CVE-2025-0425?

This is classified as CWE-15, which is a common weakness in software security.

CVE-2025-0425 - HIGH Severity | CVSS N/A

Vulnerability Description

Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change the server address of the "bestinformed Server" to which this client connects. This is dangerous as the "bestinformed Infoclient" runs with elevated permissions ("nt authority\system"). By changing the server address to a malicious server, or a script simulating a server, the user is able to escalate his privileges by abusing certain features of the "bestinformed Web" server. Those features include: * Pushing of malicious update packages * Arbitrary Registry Read as "nt authority\system" An attacker is able to escalate his privileges to "nt authority\system" on the Windows client running the "bestinformed Infoclient". This attack is not possible if a custom configuration ("Infoclient.ini") containing the flags "ShowOnTaskbar=false" or "DisabledItems=stPort,stAddress" is deployed.

Related Vulnerabilities

CVE-2023-50252

CRITICAL

CVSS:9.8(Critical)

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling `<use>` tag that references an `<image>` tag, it merges the attributes from the `<use>` tag to the `<image...

CWE-152023

CVE-2024-4326

CRITICAL

CVSS:9.8(Critical)

A vulnerability in parisneo/lollms-webui versions up to 9.3 allows remote attackers to execute arbitrary code. The vulnerability stems from insufficient protection of the `/apply_settings` and `/execu...

CWE-152024

CVE-2021-38453

CRITICAL

CVSS:9.1(Critical)

Some API functions allow interaction with the registry, which includes reading values as well as data modification.

CWE-152021

CVE-2024-38666

CRITICAL

CVSS:9.1(Critical)

An external config control vulnerability exists in the openvpn.cgi openvpn_client_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary com...

CWE-152024

CVE-2024-39280

CRITICAL

CVSS:9.1(Critical)

An external config control vulnerability exists in the nas.cgi set_smb_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command executio...

CWE-152024

CVE-2024-39602

CRITICAL

CVSS:9.1(Critical)

An external config control vulnerability exists in the nas.cgi set_nas() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. A...

CWE-152024