CVE-2025-13315 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls…
Critical CVSS: 9.3

CVE-2025-13315

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password.
Vendor
Lynxtechnology
Product
Twonky Server
CWE
CWE-420
Yayın Tarihi
2025-11-19 18:15:47
Güncelleme
2025-12-02 16:42:19
Source Identifier
cve@rapid7.com
KEV Date Added
-

Kategoriler

CWE-420 Twonky Server CRITICAL Lynxtechnology 2025

Referanslar

https://www.rapid7.com/blog/post/cve-2025-13315-cve-2025-13316-critical-twonky-server-authentication-bypass-not-fixed/