Home

Description

Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases.

PUBLISHED Reserved 2025-12-18 | Published 2025-12-18 | Updated 2025-12-18 | Assigner mitre




LOW: 3.2CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Problem types

CWE-732 Incorrect Permission Assignment for Critical Resource

Product status

Default status
unaffected

Any version before 25.17.1
affected

References

salsa.debian.org/...commit/8ba444990b4af6eec4b6b2b26482b107d

cve.org (CVE-2025-68462)

nvd.nist.gov (CVE-2025-68462)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.