Home

Description

An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized attackers to access internal forms via sending a crafted GET request.

PUBLISHED Reserved 2025-06-16 | Published 2025-08-07 | Updated 2025-08-07 | Assigner mitre




MEDIUM: 5.3CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N

References

www.sec4you-pentest.com/...en-zugriff-auf-interne-formulare/ exploit

www.sec4you-pentest.com/schwachstellen

www.sec4you-pentest.com/...en-zugriff-auf-interne-formulare/

cve.org (CVE-2025-51533)

nvd.nist.gov (CVE-2025-51533)

Download JSON