CVE-2025-2777

Vulnerability Description

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives.

Vulnerability Details

Published Date

May 07, 2025

Last Modified

June 27, 2025

Source

NVD

CVE-2025-2777

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment