Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-45616

Incorrect access control in the /admin/** API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request.

Published

2025-05-05T20:15:20.790

Last Modified

2025-10-17T15:08:53.267

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	baidu	brcc	≤ 1.2.0	Yes

References

https://github.com/baidu/brcc/issues/194 Exploit, Issue Tracking, Third Party Advisory ([email protected])