CNNVD-202509-3565 Information

CNNVD ID

CNNVD-202509-3565

Related CVE

CVE-2025-57433

• CNNVD Published: 2025-09-22

Description (Chinese)

2wcom IP-4c是德国2wcom公司的一款音频编解码设备。 2wcom IP-4c 2.15.5版本存在安全漏洞，该漏洞源于特定端点/cwi/ajax_request/get_data.php存在信息泄露，可能导致攻击者获取管理员、经理和访客账户的哈希密码。

Description (English)

2wcom IP-4c is an audio decoded device by 2wcom Germany. Version 2wcom IP-4c 2.15.5 contains a security loophole that originates from a leak of information at a particular end point/cwi/ajax request/get data.php, which may lead the attackers to obtain Hashi passwords for the accounts of administrators, managers and visitors.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

2wcom

Published

2025-09-22

Last Modified

2026-02-24

References

https://www.2wcom.com/ https://github.com/shiky8/my–cve-vulnerability-research/tree/main/CVE-2025-57433 https://access.redhat.com/security/cve/cve-2025-57433

Patch

https://www.2wcom.com/products/ip-4c/