CVE-2025-35940 - ArchiverSpaApi JWT Signing Key Hard-Coded Vulnerability

byMaloy Roy Orko -June 10, 2025

CVE ID : CVE-2025-35940
Published : June 10, 2025, 9:15 p.m. | 1 hour, 28 minutes ago
Description : The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated remote attacker can generate and use a verifiable JWT token to access protected ArchiverSpaApi URL endpoints.
Severity: 8.1 | HIGH

Tags Latest Vulnerabilities

CVE-2025-35940 - ArchiverSpaApi JWT Signing Key Hard-Coded Vulnerability

Post a Comment

CVE-2025-0842 | Library-Card-System | SQL Injection Admin Login Bypass In admin.php | Found By Maloy Roy Orko

Categories

Main Tags

Contact Form

Latest Posts

Popular Posts

CVE-2025-0842 | Library-Card-System | SQL Injection Admin Login Bypass In admin.php | Found By Maloy Roy Orko

CVE-2025-0722 | Image_Gallery | Add Gallery- admin/gallery.php | Unrestricted File Upload | Found By Maloy Roy Orko

CVE-2025-0721 | Image_Gallery | view.php?username= | Cross Site Scripting (Reflected XSS) | Found By Maloy Roy Orko

Contact Form