CNNVD-202507-3939 Information

Jul 31, 2025 cve

CNNVD ID

CNNVD-202507-3939

CVE-2025-54833

CNNVD Published: 2025-07-31

Description (Chinese)

OPEXUS FOIAXpress Public Access Link（OPEXUS FOIAXpress PAL）是OPEXUS公司的一个面向公众的安全 Web 门户，将机构与请求者联系起来，并与支付解决方案集成，包括支付解决方案。 OPEXUS FOIAXpress Public Access Link v11.1.0版本存在安全漏洞，该漏洞源于绕过账户锁定和CAPTCHA保护，可能导致暴力破解密码。

Description (English)

OPEXUS FOIAXpress Public Access Link (OPEXUS FOIAXpress PAL) is a public-oriented security Web portal for OPEXUS that connects institutions to claimants and integrates payment solutions, including payment solutions. OPEXUS FOIAXpress Public Access Link v11.1.0 has a security loophole, which originates from the circumvention of account locks and CAPTCHA protections, which may lead to violent decryption of passwords.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

OPEXUS

Published

2025-07-31

Last Modified

2026-02-24

References

https://docs.opexustech.com/docs/foiaxpress/11.12.0/FOIAXpress_Release_notes_11.12.3.0.pdf https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-174-01.json https://www.cve.org/CVERecord?id=CVE-2025-54833

Patch

https://docs.opexustech.com/docs/foiaxpress/11.12.0/FOIAXpress_Release_notes_11.12.3.0.pdf

Share on: