CVE-2025-52389 | THREATINT

Description

An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40.20.4 allows authenticated attackers to access sensitive data for other users via a crafted HTTP request.

PUBLISHED Reserved 2025-06-16 | Published 2025-09-08 | Updated 2025-09-08 | Assigner mitre

References

www.app.sodacristal.com.br

github.com/ktr4ck3r/CVE-2025-52389

cve.org (CVE-2025-52389)

nvd.nist.gov (CVE-2025-52389)

Download JSON