ID:11386 - Exploit for Missing Authorization in Flynax Bridge - CVE-2025-3604

 

Published: May 9, 2025


Vulnerability identifier: #VU107917
Vulnerability risk: High
CVE-ID: CVE-2025-3604
CWE-ID: CWE-862
Exploitation vector: Remote access
Vulnerable software: Flynax Bridge

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists because the affected plugin does not properly validate a user's identity before updating their details, such as their email address. A remote attacker can change arbitrary users' email addresses and gain access to their accounts.


Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.