CVE-2025-58742
8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H
Summary
Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Connection Settings dialog in Milner ImageDirector Capture on Windows allows Adversary in the Middle (AiTM) by modifying the 'Server' field to redirect client authentication.This issue affects ImageDirector Capture: from 7.0.9 before 7.6.3.25808.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Milner | ImageDirector Capture | 7.0.9 < 7.6.3.25808 | affected |
Weaknesses
- CWE-522: CWE-522 Insufficiently Protected Credentials
- CWE-923: CWE-923 Improper Restriction of Communication Channel to Intended Endpoints
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.