CVE-2025-42604

Summary

This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related information.

Affected Software

VendorProductVersion RangeStatus
MeonKYC solutions1.1affected

Weaknesses

  • CWE-1295: CWE-1295: Debug Messages Revealing Unnecessary Information

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References