How severe is CVE-2025-2850?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 3.5 out of 10.

What type of vulnerability is CVE-2025-2850?

This is classified as CWE-266, which is a common weakness in software security.

CVE-2025-2850 - MEDIUM Severity | CVSS 3.5

Vulnerability Description

A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B1300 Convexa-B, GL-B3000 Marble, GL-BE3600 Slate 7, GL-E750, GL-E750V2 Mudi, GL-MT300N-V2 Mango, GL-MT1300 Beryl, GL-MT2500 Brume 2, GL-MT3000 Beryl AX, GL-MT6000 Flint 2, GL-SFT1200 Opal, GL-X300B Collie, GL-X750 Spitz, GL-X3000 Spitz AX, GL-XE300 Puli and GL-XE3000 Puli AX 4.x. It has been rated as problematic. This issue affects some unknown processing of the component Download Interface. The manipulation leads to improper authorization. It is recommended to upgrade the affected component.

Related Vulnerabilities

CVE-2023-29066

LOW

CVSS:3.5(Low)

The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative OS account can modify information stored in the local application data ...

CWE-2662023

CVE-2025-0797

MEDIUM

CVSS:3.3(Low)

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects unknown code of the file /var/Microworld/ of the component Quar...

CWE-2662025

CVE-2025-2114

MEDIUM

CVSS:3.7(Low)

A vulnerability, which was classified as problematic, has been found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. This issue affects some unknown processing of the fil...

CWE-2662025

CVE-2023-3072

LOW

CVSS:3.8(Low)

HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.

CWE-2662023

CVE-2025-4819

LOW

CVSS:3.1(Low)

A vulnerability classified as problematic has been found in y_project RuoYi 4.8.0. Affected is an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The man...

CWE-2662025

CVE-2024-10978

MEDIUM

CVSS:4.2(Medium)

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SES...

CWE-2662024