BLUVOYIX Improper Authentication Vulnerability in Admin APIs Allowing Unauthorized User Creation

Vulnerability

A vulnerability in BLUVOYIX exists due to improper authentication in the admin APIs. This flaw allows an unauthenticated remote attacker to send specially crafted HTTP requests to the vulnerable admin API, creating a new user with admin privileges. Exploiting this vulnerability could grant the attacker full access to customer data and lead to a complete compromise of the targeted platform by logging in as the newly-created admin user.

Impact

Successful exploitation allows unauthorized creation of admin users, leading to full access to customer data and complete compromise of the platform.

Added: Jan 14, 2026, 3:21 PM

Updated: Jan 14, 2026, 4:31 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.0

remediation

0.0

relevance

2.0

threat

0.0

urgency

10.0

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.0

remediation

0.0

relevance

2.0

threat

0.0

urgency

10.0

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

BLUVOYIX Improper Authentication Vulnerability in Admin APIs Allowing Unauthorized User Creation

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating