CVE-2025-67806

Published: Apr 01, 2026 Last Modified: Apr 01, 2026

ExploitDB:

Other exploit source:

Google Dorks:

LOW 3,7

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: none

Availability: none

Description

AI Translation Available

The login mechanism of Sage DPW 2021_06_004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts in versions before 2021_06_000. On-premise administrators can toggle this behavior in newer versions.

https://pastebin.com/Tk4LgMG2

https://www.sagedpw.at/

CVE-2025-67806

Description

Iscriviti alla newsletter