Products
Government
Resources
Community
Open Source
Company
Sign In / Join
Sign In
Go back
SysAid On-Prem <= 23.3.40 lshw Proceessing XML External Entity Injection
severity
critical
date
May 7, 2025
Affecting
SysAid On-Prem <= 23.3.40
CVE
CVE-2025-2777
CVE type
Improper Restriction of XML External Entity Reference
CVSS
9.3
CVSS V3 Vector
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
References
Vendor Advisory
Exploit
Credit
Sina Kheirkhah (@SinSinology), Jake Knott, watchTowr