Vulnerabilities

CVE-2025-49618

by Fred · 03/07/2025

In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint.

Assigner : cve@mitre.org

More information : https://www.linkedin.com/posts/gaetano-cesano-976420200_qualche-giorno-fa-stavo-testando-plesk-obsidian-activity-7341794923198709761-by9G

Similar

Tags: Cybersecurity Alert