CNNVD-202506-3115 Information

CNNVD ID

CNNVD-202506-3115

Related CVE

CVE-2025-49852

• CNNVD Published: 2025-06-24

Description (Chinese)

Control iD iDSecure On-premises是巴西Control iD公司的一款访问控制软件，用于管理人员和车辆的进出。 Control iD iDSecure On-premises 4.7.48.0及之前版本存在代码问题漏洞，该漏洞源于服务端请求伪造，可能导致未经验证的攻击者从其他服务器检索信息。

Description (English)

Control iD Secure On-premises is a access control software for managers and vehicles of the Brazilian company Control iD. Control iD idSecure On-premises 4.7.48.0 and earlier versions had a code loophole, which originated in a service-end request for forgery and could lead to unverified attackers retrieving information from other servers.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Control iD

Published

2025-06-24

Last Modified

2026-02-24

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-05

Patch

https://www.controlid.com.br/en/access-control/idsecure/