CVE-2025-0974
CVE-2025-0974
Título es
CVE-2025-0974
Lun, 03/02/2025 – 02:15
Tipo
CWE-20
Gravedad v2.0
4.60
Gravedad 2.0 Txt
MEDIUM
Título en
CVE-2025-0974
Descripción en
A vulnerability, which was classified as critical, has been found in MaxD Lightning Module 4.43 on OpenCart. This issue affects some unknown processing. The manipulation of the argument li_op/md leads to deserialization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
03/02/2025
03/02/2025
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Vector CVSS:2.0
AV:N/AC:H/Au:S/C:P/I:P/A:P
Gravedad 4.0
2.30
Gravedad 4.0 txt
LOW
Gravedad 3.1 (CVSS 3.1 Base Score)
5.00
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
Enviar en el boletín
Off
