This vulnerability in Aarsiv Groups' Automated FedEx live/manual rates with shipping labels product arises from missing authorization checks, leading to incorrect access control enforcement. Affected versions include all versions up to 5.1.9. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) indicates that an attacker can exploit this remotely without authentication or user interaction, potentially causing limited confidentiality, integrity, and availability impacts. No official patch or vendor advisory details are provided, and the product is not a cloud service, so remediation depends on vendor updates.

Exploitation of this vulnerability could allow an unauthenticated remote attacker to bypass access controls, potentially leading to unauthorized access to sensitive shipping rate and label information. This could result in limited confidentiality loss, integrity compromise, and availability disruption of the affected system's functionality. However, no known exploits are currently reported in the wild.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict access to the affected system where possible and monitor for unusual activity related to shipping label and rate functionalities. Avoid exposing the affected service directly to untrusted networks.