Back to CVE List

CVE-2026-35552

Vulnerability Description

In CAXperts UPVWebServices 2.4.2212.603 through 2.7.6 and UDiTH Portal 2026.0.0 through 2026.2.0, an authenticated remote user can invoke an administrative API endpoint intended for privileged users. Due to missing authorization checks, this allows the attacker to deactivate the application's license.

Vulnerability Details

Published Date
Last Modified
Source
NVD

External References

Discussion (0)

Add Comment

No comments yet. Be the first!