CVE-2025-0691

Improper access control in permissions component in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the “Edit permission” permission by bypassing the client side validation.

Assigner : security@devolutions.net

More information : https://devolutions.net/security/advisories/DEVO-2025-0011/