CVE-2025-0841

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Jan 29, 2025

CWE ID 502

CWE ID 20

Summary

CVE-2025-0841: A critical vulnerability has been identified in Aridius XYZ up to version 20240927, used on OpenCart. This issue lies in the 'loadMore' function of the News component, which can be exploited through remote deserialization. The exploit, which has been disclosed to the public, enables attackers to manipulate the affected system. To mitigate this risk, it is strongly advised to upgrade the affected component as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/25lwsh
https://www.cve.org/CVERecord?id=CVE-2025-0841
https://nvd.nist.gov/vuln/detail/CVE-2025-0841

Back to Vulnerability Database

CVE-2025-0841

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations