CVE-2025-13480
5.1
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings. This vulnerability has been fixed in version 5.6.3
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Fudo Security | Fudo Enterprise | 5.5.0 <= 5.6.2 | affected |
Weaknesses
- CWE-863: CWE-863 Incorrect Authorization
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.fudosecurity.com/product/enterprise
- https://cert.pl/en/posts/2026/04/CVE-2025-13480
- https://download.fudosecurity.com/documentation/fudo/5_6/rn/RN_5.6.3.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.