CVE-2023-25445
MEDIUM EXPLOITEDHappyFiles Pro < 1.8.1 - Missing Authorization
Title source: llmExploitation Summary
CVE-2023-25445 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Missing Authorization vulnerability in HappyFiles HappyFiles Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HappyFiles Pro: from n/a through 1.8.1.
References (2)
Core 2
Core References
Scores
CVSS v3
5.4
EPSS
0.0021
EPSS Percentile
11.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
VulnCheck KEV
2023-03-29
CWE
CWE-862
Status
published
Products (1)
HappyFiles/HappyFiles Pro
< 1.8.1
Published
Dec 21, 2025
Tracked Since
Feb 18, 2026