CVE-2025-66963
Modified Modified - Updated After Analysis

BaseFortify

Vulnerability report for CVE-2025-66963, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-15

Last updated on: 2026-07-05

Assigner: MITRE

Description

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-15
Last Modified
2026-07-05
Generated
2026-07-06
AI Q&A
2025-12-15
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
hitrontech hi3120_firmware 7.2.4.5.2b1
hitrontech hi3120 *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information by exploiting the Logout option in the index.html page. Essentially, the session or sensitive data is not properly protected or cleared upon logout, enabling unauthorized access to information. [1]

Impact Analysis

The vulnerability can lead to unauthorized disclosure of sensitive information to a local attacker. This could compromise user privacy and security by exposing data that should have been protected after logout. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-66963. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart