CVE-2025-46408 | THREATINT

Description

An issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.Push_HttpService.getNewHttpClient in AVTECH EagleEyes 2.0.0. The methods set ALLOW_ALL_HOSTNAME_VERIFIER, bypassing domain validation.

PUBLISHED Reserved 2025-07-11 | Published 2025-09-15 | Updated 2025-09-17 | Assigner mitre

References

github.com/shinyColumn/CVE-2025-46408

cve.org (CVE-2025-46408)

nvd.nist.gov (CVE-2025-46408)

Download JSON