CNNVD-202510-1463 Information
Oct 10, 2025
cve
CNNVD ID
CNNVD-202510-1463
Related CVE
- CNNVD Published: 2025-10-10
Description (Chinese)
Kiwire Captive Portal是马来西亚Kiwire公司的一个登录认证页面。 Kiwire Captive Portal存在安全漏洞,该漏洞源于login-url参数存在开放重定向问题,可能导致用户被重定向到攻击者控制的网站。
Description (English)
Kiwire Captive Portal is a login authentication page for the Malaysian company Kiwire. There is a security loophole in Kiwire Captive Portal, which stems from the open re-direction problem of the login-url parameter, which could lead to the re-direction of the user to the attacker-controlled website.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Kiwire
Published
2025-10-10
Last Modified
2026-02-24
References
https://www.synchroweb.com/release-notes/kiwire/security
Patch
https://www.synchroweb.com/release-notes/kiwire/security
Share on: