CVE-2025-2388
6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Summary
A vulnerability was found in Keytop 路内停车收费系统 2.7.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saas/commonApi/park/getParks of the component API. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Keytop | 路内停车收费系统 | 2.7.1 | affected |
Weaknesses
- CWE-287: Improper Authentication
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://vuldb.com/?id.299887
- https://vuldb.com/?ctiid.299887
- https://vuldb.com/?submit.516710
- https://github.com/K-mxredo/MXdocument/wiki
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.