CVE-2025-47697

Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user.
References
Link Resource
https://jvn.jp/en/jp/JVN51394666/ Third Party Advisory
https://www.uchida.co.jp/wivia/support02.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:uchida:wivia_5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:uchida:wivia_5:-:*:*:*:*:*:*:*

History

04 Jun 2025, 19:57

Type Values Removed Values Added
First Time Uchida
Uchida wivia 5 Firmware
Uchida wivia 5
CPE cpe:2.3:h:uchida:wivia_5:-:*:*:*:*:*:*:*
cpe:2.3:o:uchida:wivia_5_firmware:*:*:*:*:*:*:*:*
References () https://jvn.jp/en/jp/JVN51394666/ - () https://jvn.jp/en/jp/JVN51394666/ - Third Party Advisory
References () https://www.uchida.co.jp/wivia/support02.html - () https://www.uchida.co.jp/wivia/support02.html - Vendor Advisory
CVSS v2 : unknown
v3 : 6.5
v2 : unknown
v3 : 7.5
CWE NVD-CWE-noinfo

30 May 2025, 16:31

Type Values Removed Values Added
Summary
  • (es) Existe un problema de aplicación de la seguridad del lado del cliente en el lado del servidor en todas las versiones de Wivia 5. Si se explota, un atacante no autenticado podría eludir la autenticación y usar el dispositivo afectado como moderador.

30 May 2025, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-30 07:15

Updated : 2025-06-04 19:57


NVD link : CVE-2025-47697

Mitre link : CVE-2025-47697

CVE.ORG link : CVE-2025-47697


JSON object : View

Products Affected

uchida

  • wivia_5_firmware
  • wivia_5
CWE
CWE-602

Client-Side Enforcement of Server-Side Security

NVD-CWE-noinfo