CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0425 – Local Privilege Escalation via Config Manipulation
https://notcve.org/view.php?id=CVE-2025-0425
18 Feb 2025 — Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change the server address of the "bestinformed Server" to which this client connects. This is dangerous as the "bestinformed Infoclient" runs with elevated permissions ("nt authority\system"). By changing the server address to a malicious server, or a script simulating a server, the user is able to escalate his privileges by abusing certain features of the "bestinformed Web" server. Those features include: * Pushing of... • https://www.cordaware.com/changelog/en/version-6_3_8_1.html • CWE-15: External Control of System or Configuration Setting •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0424 – Multiple Authenticated Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2025-0424
18 Feb 2025 — In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple authenticated stored cross-site scripting vulnerabilities. An authenticated attacker is able to compromise the sessions of other users on the server by injecting JavaScript code into their session using an "Authenticated Stored Cross-Site Scripting". Those other users might have more privileges than the attacker, enabling a form of horizontal movement. In the "bestinformed Web" application, some user in... • https://www.cordaware.com/changelog/en/version-6_4_0_4-release-13_02_2025.html • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0423 – Multiple Unauthenticated Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2025-0423
18 Feb 2025 — In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their session using an "Unauthenticated Stored Cross-Site Scripting". The attacker is then able to ride the session of those users and can abuse their privileges on the "bestinformed Web" application. In the "bestinformed Web... • https://www.cordaware.com/changelog/en/version-6_4_0_4-release-13_02_2025.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0422 – Authenticated Remote Code Execution via ScriptVar
https://notcve.org/view.php?id=CVE-2025-0422
18 Feb 2025 — An authenticated user in the "bestinformed Web" application can execute commands on the underlying server running the application. (Remote Code Execution) For this, the user must be able to create "ScriptVars" with the type „script" and preview them by, for example, creating a new "Info". By default, admin users have those permissions, but with the granular permission system, those permissions may be assigned to other users. An attacker is able to execute commands on the server running the "bestinformed Web... • https://www.cordaware.com/changelog/en/version-6_4_0_4-release-13_02_2025.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6265
https://notcve.org/view.php?id=CVE-2019-6265
25 Feb 2019 — The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges. Las funcionalidades de Scripting y AutoUpdate en el cliente Cordaware bestinformed para Microsoft Windows, en versiones anteriores a la 6.2.1.0, se han visto afectadas por implementaciones inseguras que permiten que los atacantes remotos ejecuten comandos arbitrarios y... • https://www.detack.de/en/cve-2019-6265-6266 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6266
https://notcve.org/view.php?id=CVE-2019-6266
25 Feb 2019 — Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext. El cliente Cordaware bestinformed para Microsoft Windows, en versiones anteriores a la 6.2.1.0, se ha visto afectado por la verificación de certificados SSL inseguros y patrones de acceso inseguros. Estos problemas permiten que los atacantes remotos degraden las conexiones cifrada... • https://www.detack.de/en/cve-2019-6265-6266 • CWE-295: Improper Certificate Validation •