CVE-2025-24342

Publication date

2025-04-30 11:25:35

Family

bosch

State

PUBLISHED

Description

A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests.