CVE-2025-7355

MEDIUM 6.5

IDOR in Beefull Energy Technologies' Beefull App

CVSS Score

6.5

EPSS Score

0.1%

EPSS Percentile

19th

Authorization Bypass Through User-Controlled Key vulnerability in Beefull Energy Technologies Beefull App allows Exploitation of Trusted Identifiers. This issue affects Beefull App: before 24.07.2025.

CWE	CWE-639
Vendor	beefull energy technologies
Product	beefull app
Published	Sep 16, 2025
Last Updated	Jun 5, 2026

Stay Ahead of the Next One

Get instant alerts for beefull energy technologies beefull app

Be the first to know when new medium vulnerabilities affecting beefull energy technologies beefull app are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected Versions

Beefull Energy Technologies / Beefull App

0 < 24.07.2025

References

NVD ↗ CVE.org ↗ EPSS Data ↗

usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-25-0255 siberguvenlik.gov.tr: https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0255

Credits

Samet Alkis