9.8

CVE-2025-41646

RevPi Webstatus application is vulnerable to an authentication bypass

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device.
Data provided by the National Vulnerability Database (NVD)
Kunbus Revpi Status, Version < 2.4.6
No warning was found for this CVE.
EPSS Metrics
Type | Source | Score | Percentile
EPSS | FIRST.org | 40.73% | 0.985
CVSS Metrics
Source | Base Score | Exploit Score | Impact Score | Vector String
info@cert.vde.com | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-704 Incorrect Type Conversion or Cast

The product does not correctly convert an object, resource, or structure from one type to a different type.

https://www.kunbus.com/en/productsecurity/Kunbus-2025-0000003
Vendor Advisory
https://psirt.kunbus.com/.well-known/csaf/white/2025/kunbus-2025-0000003.json
Product