CVE-2025-10288
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-12

Last updated on: 2025-09-15

Assigner: VulDB

Description
A vulnerability was found in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40. The impacted element is an unknown function of the file /user/info/list. Performing manipulation results in improper authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-12
Last Modified
2025-09-15
Generated
2026-06-16
AI Q&A
2025-09-12
EPSS Evaluated
2026-06-15
NVD
CVE-2025-10288
EUVD
EUVD-2025-29015
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
roncoo roncoo-pay *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the roncoo roncoo-pay software, specifically in an unknown function within the /user/info/list file. It allows an attacker to perform improper authentication by manipulating this function. The attack can be initiated remotely, and the exploit has been made public.

Impact Analysis

The vulnerability can impact you by allowing unauthorized remote attackers to bypass authentication controls, potentially gaining access to user information or restricted areas without proper credentials. This could lead to partial disclosure of sensitive information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-10288. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart