CVE-2025-11852
BaseFortify
Publication date: 2025-10-16
Last updated on: 2025-10-21
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apeman | id71 | 218.53.203.117 |
| apeman | onvif_service | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Apeman ID71 device, specifically in an unknown function within the /onvif/device_service file of the ONVIF Service component. It allows an attacker to bypass authentication remotely by manipulating this function, potentially gaining unauthorized access.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing remote attackers to bypass authentication on the affected device, potentially leading to unauthorized access to device functions or data. This could compromise the security and privacy of the device and its connected systems.