Security Advisory

CVE-2025-52395

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-21 00:00:00
Last updated 2025-08-21 16:03:31
Assigner mitre
State PUBLISHED

Description

An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the application exposing a password reset API endpoint that fails to validate the identity of the requester properly