CVE-2025-27532

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 30, 2025

Updated: May 2, 2025

CWE ID 312

Summary

CVE-2025-27532 is a vulnerability affecting the "Backup & Restore" functionality of the ctrlX OS web application. This issue grants a remote, low-privileged attacker the ability to access sensitive data through carefully crafted HTTP requests. Successful exploitation of this vulnerability does not require elevated permissions and may result in the unauthorized exposure of confidential information. The impact of this issue is significant as it bypasses intended access controls, potentially leading to data breaches or further system compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/30w7bE
https://www.cve.org/CVERecord?id=CVE-2025-27532
https://nvd.nist.gov/vuln/detail/CVE-2025-27532

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2025-27532

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations