1 results (0.004 seconds)
CVSS: 6.9EPSS: 0%CPEs: 8EXPL: 1
CVSS: 6.9EPSS: 0%CPEs: 8EXPL: 1CVE-2025-1595 – Anhui Xufan Information Technology EasyCVR getbaseconfig information disclosure
https://notcve.org/view.php?id=CVE-2025-1595
23 Feb 2025 — A vulnerability has been found in Anhui Xufan Information Technology EasyCVR up to 2.7.0 and classified as problematic. This vulnerability affects unknown code of the file /api/v1/getbaseconfig. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/MH521/POC/blob/main/EasyCVR-%E8%A7%86%E9%A2%91%E7%AE%A1%E7%90%86%E5%B9%B3%E5%8F%B0getbaseconfig%E6%8E%A5%E5%8F%A3%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •