CVE-2025-2388

Name of the Vulnerable Software and Affected Versions Keytop 路内停车收费系统 version 2.7.1

Description A critical issue has been identified, affecting an unknown functionality of the file /saas/commonApi/park/getParks of the component API. This leads to improper authentication. The issue can be exploited remotely.

Recommendations For version 2.7.1, consider restricting access to the /saas/commonApi/park/getParks API endpoint to minimize the risk of exploitation. As a temporary workaround, review and strengthen authentication mechanisms until a patch is available.