CVE-2025-4526

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Dígitro NGC Explorer version 3.44.15

Description A problematic issue was found in the Configuration Page component, leading to missing password field masking. This issue can be initiated remotely. The vendor was contacted about this disclosure but did not respond.

Recommendations For version 3.44.15, consider restricting access to the Configuration Page until a fix is available. As a temporary workaround, avoid using the Configuration Page remotely to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-549

Related Identifiers

CVE-2025-4526

Affected Products

Dígitro Ngc Explorer

CVE-2025-4526

Weakness Enumeration

Related Identifiers

Affected Products

References · 14