CVE Daily

CVE-2025-48862

Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lea...

High CVSS 7.1

Overview

Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted.

CWE: CWE-311 Published: 2025-08-14T09:15:26.293
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.1 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags