CVE-2025-65742
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-65742, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-15

Last updated on: 2025-12-23

Assigner: MITRE

Description

An unauthenticated Broken Function Level Authorization (BFLA) vulnerability in Newgen OmniDocs v11.0 allows attackers to obtain sensitive information and execute a full account takeover via a crafted API request.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-15
Last Modified
2025-12-23
Generated
2026-07-06
AI Q&A
2025-12-15
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
newgensoft omnidocs 11.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an unauthenticated Broken Function Level Authorization (BFLA) issue in Newgen OmniDocs v11.0. It allows attackers to send specially crafted API requests to bypass authorization controls, enabling them to access sensitive information and take over user accounts fully without needing to authenticate. [1]

Impact Analysis

The impact of this vulnerability includes unauthorized access to sensitive information and the potential for a full account takeover. This can lead to data breaches, loss of user trust, and unauthorized actions performed under compromised accounts. [1]

Detection Guidance

Detection of this vulnerability involves monitoring for crafted API requests that exploit the Broken Function Level Authorization (BFLA) in Newgen OmniDocs v11.0. Specific commands or detection scripts are not provided in the available resources. [1]

Mitigation Strategies

Immediate mitigation steps are not explicitly detailed in the provided resources. Generally, mitigating a BFLA vulnerability involves applying vendor patches, restricting API access, and implementing proper authorization checks on API endpoints. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65742. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart