CVE-2025-66723

High CVSS: 7.5

inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.

Vendor

Inmusicbrands

Product

Engine Dj Desktop

CWE

CWE-732

Yayın Tarihi

2025-12-30 21:15:44

Güncelleme

2026-01-05 20:25:53

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-732 Engine Dj Desktop HIGH Inmusicbrands 2025

Referanslar

https://github.com/audiopump/cve-2025-66723 https://www.inmusicbrands.com/