CVE-2025-32738 | THREATINT

Description

Missing authentication for critical function issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier. If exploited, a remote unauthenticated attacker may change the product settings.

PUBLISHED Reserved 2025-04-15 | Published 2025-05-15 | Updated 2025-05-15 | Assigner jpcert

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

Missing authentication for critical function

Product status

Ver.1.21 and earlier

affected

Ver.1.21 and earlier

affected

Ver.1.21 and earlier

affected

Ver.1.21 and earlier

affected

Ver.1.21 and earlier

affected

Ver.1.21 and earlier

affected

Ver.1.21 and earlier

affected

Ver.1.21 and earlier

affected

References

www.iodata.jp/support/information/2025/05_hdl-t/

jvn.jp/en/vu/JVNVU91726405/

cve.org (CVE-2025-32738)

nvd.nist.gov (CVE-2025-32738)

Download JSON

help @ threatint.eu