CVE-2025-15509
Undergoing Analysis
Undergoing Analysis - In Progress
BaseFortify
Publication date: 2026-02-27
Last updated on: 2026-03-09
Assigner: Vivo Mobile Communication Co., Ltd.
Description
Description
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vivo | smartremote_module | to 5.1.2.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the SmartRemote module, which does not sufficiently restrict the loading of URLs. This weakness can potentially lead to some information leakage.
How can this vulnerability impact me? :
Because the SmartRemote module allows loading URLs without adequate restrictions, it may expose sensitive information unintentionally. This information leakage could compromise privacy or security depending on the context in which the module is used.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70