CVE-2025-8025
Improper Access Control in Dinosoft Business Solutions' Dinosoft ERP
CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
7th
Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dinosoft ERP: from < 3.0.1 through 11022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
| CWE | CWE-306 CWE-284 |
| Vendor | dinosoft business solutions |
| Product | dinosoft erp |
| Published | Feb 11, 2026 |
| Last Updated | Mar 25, 2026 |
Stay Ahead of the Next One
Get instant alerts for dinosoft business solutions dinosoft erp
Be the first to know when new critical vulnerabilities affecting dinosoft business solutions dinosoft erp are published β delivered to Slack, Telegram or Discord.
Get Free Alerts β
Free Β· No credit card Β· 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected Versions
Dinosoft Business Solutions / Dinosoft ERP
< 3.0.1 β€ 11022026
References
Credits
Mustafa GΓNEL