CVE-2025-4555

Summary

The web management interface of Okcat Parking Management Platform from ZONG YU has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access system functions. These functions include opening gates, viewing license plates and parking records, and restarting the system.

Affected Software

VendorProductVersion RangeStatus
ZONG YUOkcat Parking Management Platform0affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

Workarounds

The affected product is no longer maintained. It is recommended to evaluate and adopt alternative products.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References