CVE-2025-45583

Exploit

EPSS 0.34%
Veröffentlicht 12.09.2025 00:00:00
Zuletzt bearbeitet 16.10.2025 15:39:07
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Audi ≫ Universal Traffic Recorder Firmware Version1.52

Audi ≫ Universal Traffic Recorder Version2.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.34%	0.251

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

https://2barbie.notion.site/2024-Audi-UTR-2-0-Report-1bff0be688c680cb8795efe78732f8b9

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-45583

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-45583

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-45583

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-45583