CVE-2025-0642 | THREATINT

Description

Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software and Consulting Ltd. Co. Assist allows Excavation, Authentication Bypass.This issue affects Assist: through 10.02.2025.

PUBLISHED Reserved 2025-01-22 | Published 2025-10-02 | Updated 2025-10-02 | Assigner TR-CERT

MEDIUM: 6.3CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N

Problem types

CWE-798 Use of Hard-coded Credentials

CWE-639 Authorization Bypass Through User-Controlled Key

Product status

Default status

unaffected

Any version

affected

Credits

Şahnur Eren ALOĞLU finder

References

www.usom.gov.tr/bildirim/tr-25-0309

cve.org (CVE-2025-0642)

nvd.nist.gov (CVE-2025-0642)

Download JSON