CVE-2025-26689

Name of the Vulnerable Software and Affected Versions CHOCO TEI WATCHER mini (IB-MCT001) all versions

Description A Direct request ('Forced Browsing') issue exists, allowing a remote attacker to send a specially crafted HTTP request to obtain or delete product data, and/or alter product settings.

Recommendations For all versions, consider restricting access to the product until a patch is available, and avoid using the product with untrusted networks to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.