CVE-2025-27845 Information

Aug 15, 2025 cve

Description

In ESPEC North America Web Controller 3 before 3.3.4 /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This allows for elevated permissions to the UI.

Reference

https://espec.com https://espec.com/na/about/detail/cve_2025_27845

CNNVD-202508-1651 (Published: 2025-08-14)

Share on:

CVE-2025-27845 Information

Description

Reference

Related CNNVD