CVE-2025-24342

Medium

A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid…

bosch·CWE-204·Published 2025-04-30

CVSS

5.3

EPSS

0.00

KEV

Exploits

cve.orgen

179 chars

A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests.

NVDen

179 chars

A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests.

NVDes

223 chars

Una vulnerabilidad en la funcionalidad de inicio de sesión de la aplicación web de ctrlX OS permite a un atacante remoto no autenticado adivinar nombres de usuario válidos a través de múltiples solicitudes HTTP manipuladas.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N