7.7
CVE-2025-9293
- EPSS 0.01%
- Veröffentlicht 13.02.2026 00:22:27
- Zuletzt bearbeitet 13.02.2026 23:16:08
- Quelle f23511db-6c3e-4e32-a477-6aa17d
- CVE-Watchlists
- Unerledigt
A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position themselves within the communication channel. Successful exploitation may compromise confidentiality, integrity, and availability of application data.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerTP-Link Systems Inc.
≫
Produkt
Tapo App
Default Statusunaffected
Version <
3.14.111
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
Kasa App
Default Statusunaffected
Version <
3.4.350
Version
0
Status
affected
HerstellerTP Link Systems Inc.
≫
Produkt
Omada App
Default Statusunaffected
Version <
4.25.25
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
Omada Guard
Default Statusunaffected
Version <
1.1.28
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
Tether App
Default Statusunaffected
Version <
4.12.27
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
Deco App
Default Statusunaffected
Version <
3.9.163
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
Aginet App
Default Statusunaffected
Version <
2.13.6
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
tpCamera App
Default Statusunaffected
Version <
3.2.17
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
WiFi Toolkit
Default Statusunaffected
Version <
1.4.28
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
Festa App
Default Statusunaffected
Version <
1.7.1
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
Wi-Fi Navi
Default Statusunaffected
Version <
1.5.5
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
KidShield
Default Statusunaffected
Version <
1.1.21
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
TP-Partner App
Default Statusunaffected
Version <
2.0.1
Version
0
Status
affected
HerstellerTP-Link Systems Inc.
≫
Produkt
VIGI App
Default Statusunaffected
Version <
2.7.70
Version
0
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.019 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| f23511db-6c3e-4e32-a477-6aa17d310630 | 7.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.