CVE Catalog

CVE-2025-65784

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.32%

24th percentile - higher than 24% of all known CVEs

Summary

Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allow authenticated attackers with low-level privileges to access other users' information via a crafted API request.

Risk Assessment

The risk involves unauthorized access to sensitive user data, potentially leading to confidentiality breaches and information leakage.

Recommendation

Immediately update the system to the latest version and implement role-based access control (RBAC) for all API endpoints.

Original NVD description (English source)

Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows authenticated attackers with low-level privileges to access other users' information via a crafted API request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS