CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-51054

Vedo Suite 2024.17 is vulnerable to Incorrect Access Control, which allows remote attackers to obtain a valid high privilege JWT token without prior authentication via sending an empty HTTP POST request to the /autologin/ API endpoint.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.1%

CVSS Severity

CVSS v3 Score 6.5

References

http://bottinelli.com
https://github.com/jacopoaugelli/vedo-suite-exploits

Products affected by CVE-2025-51054

Vedo Suite Project » Vedo Suite » Version: 2024.17

cpe:2.3:a:vedo_suite_project:vedo_suite:2024.17

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-51054

Products

Pricing

Contact Us