CVE-2018-25129

HIGH SEVERITY

CVSS Score & Metrics

Base Score

7.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N                                    

Vulnerability Description

SOCA Access Control System 180612 contains multiple insecure direct object reference vulnerabilities that allow attackers to access sensitive user credentials. Attackers can retrieve authenticated and unauthenticated user password hashes and pins through unprotected endpoints like Get_Permissions_From_DB.php and Ac10_ReadSortCard.

Vulnerability Details

Published Date

December 24, 2025

Last Modified

December 29, 2025

CWE ID

CWE-639

Source

NVD

External References

http://www.socatech.com
https://www.exploit-db.com/exploits/46832
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5517.php
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5517.php

CVE-2018-25129

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment