CVE-2025-1887
SMB forced authentication vulnerability in Sage 200 Spain
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
Sage · Sage 200 Spain¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →