CVE-2025-11949
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a
Description
Description
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
How can this vulnerability impact me? :
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart
Meta Information
CVE Publication Date:
2025-10-21
CVE Last Modified Date:
2025-10-21
Report Generation Date:
2025-11-07
AI Powered Q&A Generation:
2025-10-21
EPSS Last Evaluated Date:
2025-10-22
NVD Report Link: