In the moPS App through 1.8.618, all users can access administrative API endpoints without additional authentication, resulting in unrestricted read and write access, as demonstrated by /api/v1/users/resetpassword.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

MOPS

moPS

Affected Versions:

References

https://mops.eu

https://karatemuffin.it/data/2025_06_07_CVE-2024-55585_update.json

https://media.ccc.de/v/glt25-504-safety-ja-security-nein-analyse-eines-breit-eingesetzten-einsatzmanagmentsystems-

Published: 2025-06-07T00:00:00.000Z

Last Modified: 2025-06-07T19:32:00.212Z

Copied to clipboard!