CVE-2025-24521
Vulnerability Description
External XML entity injection allows arbitrary download of files. The
score without least privilege principle violation is as calculated
below. In combination with other issues it may facilitate further
compromise of the device. Remediation in Version 6.8.0, release date:
01-Mar-25.
score without least privilege principle violation is as calculated
below. In combination with other issues it may facilitate further
compromise of the device. Remediation in Version 6.8.0, release date:
01-Mar-25.
Vulnerability Details
Published Date
Last Modified
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!