How severe is CVE-2025-2395?

CVE-2025-2395 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-2395

Name: u-office_force
Author: edetw

9.8CRITICAL

The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a particular API and alter cookies to log in as an administrator.

Veröffentlicht: 3/17/2025Aktualisiert: 11/18/2025

Beschreibung

The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a particular API and alter cookies to log in as an administrator.

KI-AnalyseKI-gestützt

Betroffene Produkte

edetwu-office_force

Referenzen

https://www.twcert.org.tw/en/cp-139-10012-d5bbc-2.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-10011-3de72-1.html
Third Party Advisory