Medium severity5.8NVD Advisory· Published Jul 3, 2025· Updated Apr 15, 2026
CVE-2025-49618
CVE-2025-49618
Description
In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.