CVE-2025-4762

Insecure Direct Object Reference (IDOR) vulnerability in eSignaViewer

CVSS 2 LOWEPSS 0.3%CWE-20

Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna product versions 1.0 to 1.5 on all platforms allow an unauthenticated attacker to access arbitrary files in the document system via manipulation of file paths and object identifiers.

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Produtos afetados

Lleidanet PKI · eSigna

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://edgewatch.com/vulnerability-advisories/path-traversal-and-idor-vulnerabilities-in-esignaviewer-allow-unauthorized-file-access/