CNNVD-202512-3232 Information
CNNVD ID
CNNVD-202512-3232
Related CVE
- CNNVD Published: 2025-12-17
Description (Chinese)
AVideo是World Wide Broadcast Network开源的一个广播网络创建工具。 AVideo 20.0之前版本存在安全漏洞,该漏洞源于未经验证的公共API端点暴露敏感用户信息,可能导致用户枚举和隐私侵犯。
Description (English)
AVideo is an open-source radio network creation tool for the World Wide Broadcast Network. Prior to AVideo 20.0, there was a security loophole that originated from uncertified public API endpoints that exposed sensitive user information, which could lead to user count and privacy violations.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
World Wide Broadcast Network
Published
2025-12-17
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/avideo-user-information-disclosure-via-public-api https://chocapikk.com/posts/2025/avideo-security-vulnerabilities/ https://github.com/WWBN/AVideo/commit/1416c517e2 https://github.com/WWBN/AVideo/commit/4a53ab2056 https://access.redhat.com/security/cve/cve-2025-34441
Patch
https://github.com/WWBN/AVideo
Share on: