CVE-2025-2407

Critical CVSS: 9.3

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5.

Vendor

Product

CWE

CWE-306

Yayın Tarihi

2025-05-27 08:15:19

Güncelleme

2025-05-28 15:01:30

Source Identifier

vulnerability@ncsc.ch

KEV Date Added

Kategoriler

CWE-306 CRITICAL 2025

Referanslar

https://mobatimemtsl.github.io/Vulnerability-References/