CVE-2025-0001

MEDIUM

Abacus ERP <2024.210.16036-2022.105.15542 - Info Disclosure

Title source: llm
STIX 2.1

Description

Abacus ERP is versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by an authenticated arbitrary file read vulnerability.

References (1)

Core 1

Scores

CVSS v3 6.5
EPSS 0.0043
EPSS Percentile 34.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-36
Status published
Products (3)
Abacus Research AG/Abacus < 2022.205.15542
Abacus Research AG/Abacus < 2023.205.15833
Abacus Research AG/Abacus < 2024.210.16036
Published Feb 17, 2025
Tracked Since Feb 18, 2026