exploitDog

GHSA-ph5v-r485-jfgw

Опубликовано: 06 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.8

Описание

The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50.

The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50.

Ссылки

EPSS

Процентиль: 17%

0.00053

Низкий

5.8 Medium

CVSS3

CVE ID

Дефекты

CWE-340

Связанные уязвимости

CVE-2025-59452

CVSS3: 5.8

nvd

4 месяца назад

The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50.

EPSS

Процентиль: 17%

0.00053

Низкий

5.8 Medium

CVSS3

CVE ID

Дефекты

CWE-340