CVE-2025-25061 | THREATINT

Description

Unintended proxy or intermediary ('Confused Deputy') issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to use the product as an intermediary for FTP bounce attack.

PUBLISHED Reserved 2025-03-18 | Published 2025-04-04 | Updated 2025-04-04 | Assigner jpcert

MEDIUM: 5.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Problem types

Unintended proxy or intermediary ('Confused Deputy')

Product status

All versions

affected

All versions

affected

References

www.electronics.jtekt.co.jp/en/topics/202503207271/

www.electronics.jtekt.co.jp/en/topics/202503207269/

jvn.jp/en/jp/JVN17260367/

cve.org (CVE-2025-25061)

nvd.nist.gov (CVE-2025-25061)

Download JSON