CNNVD-202511-179 Information

CNNVD ID

CNNVD-202511-179

Related CVE

CVE-2025-11690

• CNNVD Published: 2025-11-04

Description (Chinese)

CFMOTO RIDE是中国CFMOTO公司的一款车载车辆数据管理系统。 CFMOTO RIDE存在安全漏洞，该漏洞源于vehicleId参数存在不安全的直接对象引用，可能导致未经授权访问其他用户的敏感信息。

Description (English)

CFMOTO RIDE is a vehicle data management system of the Chinese company CFMOTO. There is a security loophole in CFMOTO RIDE, which stems from unsafe direct-object references to vehicleId parameters, which may lead to unauthorized access to sensitive information from other users.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

CFMOTO

Published

2025-11-04

Last Modified

2026-02-24

References

https://medium.com/@ilnur.khakimov_86612/how-i-hacked-100-000-motorcycles-including-my-own-666bdb702b7d https://advisories.ncsc.nl/2025/ncsc-2025-0350.html https://access.redhat.com/security/cve/cve-2025-11690

Patch

https://www.cfmotousa.com/