CVE-2025-54561

Published: Nov 14, 2025Modified: Nov 20, 2025

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote access to content despite lack of the correct permission through a Broken Authorization Schema.

Affected (1)

Products: Desktopalert: Pingalert Application Server

Desktopalert

1 product

Pingalert Application Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Desktopalert Pingalert Application Server	From 6.1.0.11 to 6.1.1.5

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://desktopalert.net

Source: cve@mitre.org

Product

https://desktopalert.net/cve-2025-54561/

Source: cve@mitre.org

Vendor Advisory

Timeline

No history available yet.