Security Advisory

CVE-2025-1421

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-21 13:04:37
Last updated 2025-05-21 13:24:04
Assigner CERT-PL
State PUBLISHED

Description

Data provided in a request performed to the server while activating a new device are put in a database. Other high privileged users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker could gain remote access to the users PC. This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).