Primary

Context

CB Project CVLand Authorization Bypass Vulnerability Allowing Parameter Injection

Vulnerability

A vulnerability allowing authorization bypass through user-controlled keys has been identified in CB Project CVLand versions 2.1.0 to 20251103. This issue enables parameter injection, potentially allowing cyber attackers to exploit the vulnerability for their attacks.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed on behalf of a user, potentially allowing for further attacks or exploitation of the application.

Remediation

Due to the discontinuation of the product and lack of support, the National Cyber Incident Response Center (USOM) advises users and system administrators to switch to alternative software.

Added: Nov 3, 2025, 12:16 PM

Updated: Nov 3, 2025, 12:16 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

5.2

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

5.2

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

CB Project CVLand Authorization Bypass Vulnerability Allowing Parameter Injection

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating