CVE-2025-8756
TDuckCloud tduck-platform manage preHandle improper authorization
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
TDuckCloud tduck-platform manage preHandle improper authorization
A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
In TDuckCloud tduck-platform bis 5.1 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Das betrifft die Funktion preHandle der Datei /manage/ der Komponente com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. Durch Manipulieren mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.
Incorrect Privilege Assignment
| 2025-08-08: | Advisory disclosed |
| 2025-08-08: | VulDB entry created |
| 2025-08-08: | VulDB entry last update |
RacerZ (VulDB User)
vuldb.com/?id.319261 (VDB-319261 | TDuckCloud tduck-platform manage preHandle improper authorization)
vuldb.com/?ctiid.319261 (VDB-319261 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/?submit.624188 (Submit #624188 | https://www.tduckcloud.com tduck-platform commit e71c1e5 Improper Access Controls)
github.com/TDuckCloud/tduck-platform/issues/28
github.com/TDuckCloud/tduck-platform/issues/28
Support options
