Sismics Teedy Improper Access Control Vulnerability in API Endpoint

Vulnerability

A vulnerability allowing improper access control has been identified in Sismics Teedy versions through 1.11. This issue affects the API endpoint '/api/file', where manipulation can lead to unauthorized access or actions. The vulnerability can be exploited remotely, and an exploit is publicly available.

Impact

Exploitation of this vulnerability allows users with read access to a document share to rename or delete files within that share.

Added: Oct 16, 2025, 7:28 PM

Updated: Oct 16, 2025, 7:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sismics Teedy Improper Access Control Vulnerability in API Endpoint

Vulnerability

Impact

Affected Products

Sismics Teedy

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating