CVE-2025-54943 | THREATINT

Description

A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks.

PUBLISHED Reserved 2025-08-01 | Published 2025-08-30 | Updated 2025-09-02 | Assigner ZUSO ART

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-862 Missing Authorization

Product status

Default status

affected

Any version before 10.11

affected

References

zuso.ai/advisory/ third-party-advisory

cve.org (CVE-2025-54943)

nvd.nist.gov (CVE-2025-54943)

Download JSON