CVE-2025-25711 | dtp.ae tNexus Airport View 2.8 API Endpoint updateUser ProfileID Privilege Escalation
A vulnerability, which was classified as critical, was found in dtp.ae tNexus Airport View 2.8. Affected is an unknown function of the file /tnexus/rest/admin/updateUser of the component API Endpoint. The manipulation of the argument ProfileID leads to Privilege Escalation.
This vulnerability is traded as CVE-2025-25711. It is possible to launch the attack remotely. There is no exploit available.