CVE-2025-9760
BaseFortify
Publication date: 2025-09-01
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| portabilis | i-educar | to 2.10.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9760 is an improper authorization vulnerability in Portabilis i-Educar up to version 2.10, specifically in the Matricula API component at the /module/Api/aluno endpoint. It allows unauthorized or low-privileged users to manipulate sensitive student enrollment data, such as deleting the dropout status, by bypassing authorization checks. The vulnerability can be exploited remotely and easily, with public proof-of-concept exploits available. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized deletion or modification of critical academic records, such as the dropout status of students. This compromises the integrity and reliability of educational data, potentially causing operational disruptions and loss of trust. Since the exploit is remotely executable and easy to perform, attackers can manipulate records without proper permissions, leading to data tampering and possible legal consequences. [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthorized modification of sensitive educational data, which can lead to violations of data integrity and protection requirements under regulations like GDPR and HIPAA. Unauthorized data tampering may result in non-compliance with these standards, exposing organizations to legal and regulatory penalties. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unauthorized or suspicious HTTP GET requests to the vulnerable endpoint `/module/Api/matricula` with parameters such as `oper=delete`, `resource=abandono`, and varying `id` values. For example, inspecting web server logs or using network monitoring tools to filter requests matching this pattern can help identify exploitation attempts. A sample command using curl to test the vulnerability (as a non-privileged user) is: curl -X GET 'http://localhost/module/Api/matricula?&oper=delete&resource=abandono&id=206' -H 'Cookie: i_educar_session=YOUR_SESSION_COOKIE' Additionally, using tools like tcpdump or Wireshark to capture HTTP traffic and filter for GET requests to `/module/Api/matricula` with suspicious parameters can aid detection. [2]
What immediate steps should I take to mitigate this vulnerability?
Currently, no effective countermeasures or mitigations are known for this vulnerability. The recommended immediate step is to replace or upgrade the affected Portabilis i-Educar product to a version that is not vulnerable. Until a patch or fix is available, restrict access to the vulnerable API endpoint by implementing network-level controls such as firewall rules or web application firewall (WAF) rules to block unauthorized requests. Monitoring and alerting on suspicious API usage is also advised. [1]