CVE-2025-24679

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 24, 2025

CWE ID 862

Summary

CVE-2025-24679 is a Missing Authorization vulnerability that affects the webraketen Internal Links Manager, specifically versions from n/a through 2.5.2. Hackers can exploit this issue by taking advantage of incorrectly configured access control security levels, gaining unauthorized access to internal links and potentially executing malicious code or unauthorized actions. This vulnerability poses a serious risk to the security of affected systems and requires immediate attention and patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2umRva
https://www.cve.org/CVERecord?id=CVE-2025-24679
https://nvd.nist.gov/vuln/detail/CVE-2025-24679

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-2025-24679

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations