5.3
CVE-2025-1881
- EPSS 0.31%
- Veröffentlicht 03.03.2025 21:15:18
- Zuletzt bearbeitet 05.03.2025 14:05:15
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
Logini-Drive i11/i12 Video Footage/Live Video Stream access control
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can be launched remotely. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
I-drive ≫ I11 Firmware Version <= 20250227
I-drive ≫ I12 Firmware Version <= 20250227
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.31% | 0.222 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@vuldb.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| cna@vuldb.com | 5.3 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| cna@vuldb.com | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-266 Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
https://github.com/geo-chen/i-Drive
https://vuldb.com/?id.298195
https://vuldb.com/?ctiid.298195
https://vuldb.com/?submit.510952