2025-08-30

SUNNET Corporate Training Management System - Missing Authorization

ZUSOART ID ZA-2025-11
CVE ID CVE-2025-54943
Vulnerability Type CWE-862: Missing Authorization
CVSS 4.0 Base CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N(9.3)
Description A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks.
Vendor SUNNET Technology Co., Ltd.
Product
Category Version affected
Corporate Training Management System Before 10.11
Product Support Contact SUNNET Technology for version updates.
Release date 2025/08/30
Credit Cheng Ming Yang (TW1943) of ZUSO ART
top