{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-67298", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-11T15:34:24.330Z", "dateReserved": "2025-12-08T00:00:00.000Z", "datePublished": "2026-03-11T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-11T14:50:42.331Z"}, "descriptions": [{"lang": "en", "value": "An issue in ClasroomIO before v.0.2.6 allows a remote attacker to escalate privileges via the endpoints /api/verify and /rest/v1/profile"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/classroomio/classroomio/releases/tag/v0.2.6"}, {"url": "https://gist.github.com/prashunbaral/70c4f6f9d9ff8b82295623073eb41f3a"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-345", "lang": "en", "description": "CWE-345 Insufficient Verification of Data Authenticity"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-290", "lang": "en", "description": "CWE-290 Authentication Bypass by Spoofing"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-639", "lang": "en", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T15:34:21.358423Z", "id": "CVE-2025-67298", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T15:34:24.330Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-67298", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-11T15:34:21.358423Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-345", "description": "CWE-345 Insufficient Verification of Data Authenticity"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-290", "description": "CWE-290 Authentication Bypass by Spoofing"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T15:28:37.639Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/classroomio/classroomio/releases/tag/v0.2.6"}, {"url": "https://gist.github.com/prashunbaral/70c4f6f9d9ff8b82295623073eb41f3a"}], "descriptions": [{"lang": "en", "value": "An issue in ClasroomIO before v.0.2.6 allows a remote attacker to escalate privileges via the endpoints /api/verify and /rest/v1/profile"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-11T14:50:42.331Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67298", "state": "PUBLISHED", "dateUpdated": "2026-03-11T15:34:24.330Z", "dateReserved": "2025-12-08T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-11T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:classroomio:classroomio:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4B035A9-E445-4EB6-B05D-82F181AAB6CC", "versionEndExcluding": "0.2.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in ClasroomIO before v.0.2.6 allows a remote attacker to escalate privileges via the endpoints /api/verify and /rest/v1/profile"}, {"lang": "es", "value": "Un problema en ClasroomIO antes de la v.0.2.6 permite a un atacante remoto escalar privilegios a trav\u00e9s de los endpoints /api/verify y /rest/v1/profile"}], "id": "CVE-2025-67298", "lastModified": "2026-04-07T01:19:45.960", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-11T15:16:21.207", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://gist.github.com/prashunbaral/70c4f6f9d9ff8b82295623073eb41f3a"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/classroomio/classroomio/releases/tag/v0.2.6"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}, {"lang": "en", "value": "CWE-345"}, {"lang": "en", "value": "CWE-639"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,0.2.6)"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "classroomio", "vendor": "classroomio"}], "analysis": {"en": {"generated_at": "2026-04-07T09:59:55.641302+00:00", "value": {"mitigation_remediation": ["Upgrade ClassroomIO to version 0.2.6 or later.", "Verify that /api/verify and /rest/v1/profile endpoints require authentication.", "Monitor application logs for suspicious API activity.", "Restrict network access to the API endpoints using firewall or access controls."], "summary": {"action": "Apply Patch", "impact": "Remote Privilege Escalation"}, "threat_synthesis": {"affected_systems": "ClassroomIO applications running any version prior to 0.2.6 are affected. The issue is present in all builds of ClassroomIO before the 0.2.6 release, regardless of deployment environment.", "description_and_impact": "The flaw lies in ClassroomIO\u2019s /api/verify and /rest/v1/profile endpoints, which lack proper authorization checks. A remote attacker can craft HTTP requests to these endpoints and obtain administrative privileges, effectively gaining full control of the application. The weakness aligns with CWE\u2011290 (Missing Authorization) and CWE\u2011639 (Privilege Escalation).", "risk_and_exploitability": "The vulnerability carries a CVSS score of 8.1, indicating high severity. Despite a low EPSS of less than 1\u202f% and no current listing in CISA\u2019s KEV catalog, the potential for remote privilege escalation remains significant. An attacker would need network access to the application\u2019s API layer, which is typically exposed to legitimate users, making exploitation plausible in environments lacking additional network segmentation."}}}}, "created": "2026-03-12T10:06:45.766182+00:00", "updated": "2026-04-08T20:02:39.402935+00:00", "vendors": ["classroomio", "classroomio$PRODUCT$classroomio"]}