CVE-2025-51627
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk14th percentile - higher than 14% of all known CVEs
Summary
Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook v2.81.1 allows authenticated attackers with low-level access to escalate privileges to Administrator.
Risk Assessment
The risk is that an attacker with basic privileges can gain full control over the system, potentially leading to unauthorized access to sensitive data and disruption of operations.
Recommendation
It is recommended to immediately update to the latest software version and implement access control fixes in the CaricaVerbale component.
Original NVD description (English source)
Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook v2.81.1 allows authenticated attackers with low-level access to escalate privileges to Administrator.

