CVE-2025-47872 in 12kPVinformação

Sumário

de MITRE • 08/08/2025

The public-facing product registration endpoint server responds differently depending on whether the S/N is valid and unregistered, valid but already registered, or does not exist in the database. Combined with the fact that serial numbers are sequentially assigned, this allows an attacker to gain information on the product registration status of different S/Ns.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgação

08/08/2025

Moderação

aceite

Entrada

VDB-319195

CPE

pronto

CWE

CWE-203 (confirmado)

CVSS

5.8 (CNA)

EPSS

0.00260

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-47872
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-47872
CVE Details	https://www.cvedetails.com/cve/CVE-2025-47872/

◂ Voltar Visão Geral Próximo ▸

Want to know what is going to be exploited?

We predict KEV entries!