CNNVD-202508-2699 Information

CNNVD ID

CNNVD-202508-2699

Related CVE

CVE-2025-52085

• CNNVD Published: 2025-08-22

Description (Chinese)

Yoosee是中国Yoosee公司的一款智能家居移动应用程序。 Yoosee 6.32.4版本存在安全漏洞，该漏洞源于后端API端点存在SQL注入漏洞，可能导致提取敏感数据库信息。

Description (English)

Yoosee is a smart home mobile application for Yoosee in China. There is a security loophole in version 6.32.4 of Yoosee, which originates from the back end of the API endpoint with an injection gap in SQL, which may lead to the extraction of sensitive database information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Yoosee

Published

2025-08-22

Last Modified

2026-02-24

References

https://yoosee.app https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21 https://access.redhat.com/security/cve/cve-2025-52085 https://nvd.nist.gov/vuln/detail/CVE-2025-52085