CVE-2025-42989

CRITICAL

9.6CVSS v3

—CVSS v2

0.23% EPSS (exploit probability)

CWE-862CWE

Description

RFC inbound processing�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation the attacker could critically impact both integrity and availability of the application.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE