CNNVD-202508-1651 Information
CNNVD ID
CNNVD-202508-1651
Related CVE
- CNNVD Published: 2025-08-14
Description (Chinese)
ESPEC North America Web Controller 3是美国ESPEC North America公司的一个实验室设备监控软件。 ESPEC North America Web Controller 3 3.3.4之前版本存在安全漏洞,该漏洞源于无效认证请求导致JWT密钥泄露,可能导致UI权限提升。
Description (English)
ESPEC North America Web Contractor 3 is a laboratory equipment control software for the United States company ESPEC North America. There was a security loophole in the previous version of ESPEC North American Web Contractor 3.3.4, which resulted from an invalid authentication request leading to the disclosure of a JWT key, which could lead to an increase in UI privileges.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
ESPEC North America
Published
2025-08-14
Last Modified
2026-02-24
References
https://espec.com https://espec.com/na/about/detail/cve_2025_27845 https://nvd.nist.gov/vuln/detail/CVE-2025-27845
Patch
https://espec.com/na/about/detail/cve_2025_27845
Share on: