CVE-2025-12341

Summary

A vulnerability was detected in ermig1979 AntiDupl up to 2.3.12. Impacted is an unknown function of the file AntiDupl.NET.WinForms.exe of the component Delete Duplicate Image Handler. The manipulation results in link following. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
ermig1979AntiDupl2.3.0affected
ermig1979AntiDupl2.3.1affected
ermig1979AntiDupl2.3.2affected
ermig1979AntiDupl2.3.3affected
ermig1979AntiDupl2.3.4affected
ermig1979AntiDupl2.3.5affected
ermig1979AntiDupl2.3.6affected
ermig1979AntiDupl2.3.7affected
ermig1979AntiDupl2.3.8affected
ermig1979AntiDupl2.3.9affected
ermig1979AntiDupl2.3.10affected
ermig1979AntiDupl2.3.11affected
ermig1979AntiDupl2.3.12affected

Weaknesses

  • CWE-59: Link Following

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References