CNNVD-202508-3605 Information

Aug 29, 2025 cve

CNNVD ID

CNNVD-202508-3605

CVE-2025-9609

CNNVD Published: 2025-08-29

Description (Chinese)

i-Educar是Portábilis开源的一个免费教育软件。 i-Educar 2.10及之前版本存在安全漏洞，该漏洞源于文件/educacenso/consulta存在授权不当问题。

Description (English)

i-Educar is a free education software from Portábilis. i-Educar 2.10 and previous versions contain a security loophole that stems from the improper authorization of the document/educascenso/consulta.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Portábilis

Published

2025-08-29

Last Modified

2026-02-24

References

https://vuldb.com/?submit.636580 https://vuldb.com/?id.321787 https://vuldb.com/?ctiid.321787 https://github.com/marcelomulder/CVE/blob/main/i-educar/CVE-2025-9609.md https://github.com/marcelomulder/CVE/blob/main/i-educar/Broken%20Access%20Control%20%E2%80%93%20Missing%20Function-Level%20Access%20Control%20in%20%60.educacenso.consulta%60%20Endpoint.md#poc https://nvd.nist.gov/vuln/detail/CVE-2025-9609

Share on: