CVE-2025-0001

MEDIUM

Abacus ERP <2024.210.16036-2022.105.15542 - Info Disclosure

Title source: llm
STIX 2.1

Description

Abacus ERP is versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by an authenticated arbitrary file read vulnerability.

References (1)

Scores

CVSS v3 6.5
EPSS 0.0022
EPSS Percentile 44.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-36
Status published
Products (3)
Abacus Research AG/Abacus < 2022.205.15542
Abacus Research AG/Abacus < 2023.205.15833
Abacus Research AG/Abacus < 2024.210.16036
Published Feb 17, 2025
Tracked Since Feb 18, 2026