Security Advisory

CVE-2025-10870

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-07 09:26:39

Last updated 2025-11-07 12:09:38

Assigner INCIBE

State PUBLISHED

Description

SQL injection vulnerability in DIALs CentrosNet v2.64. Allows an attacker to retrieve, create, update, and delete databases by sending POST and GET requests with the ultralogin parameter in /centrosnet/ultralogin.php.

← Browse all CVEs View on cve.org ↗