PT-2025-23234 · Unknown · Tinxy Wifi Lock Controller
Published
2025-05-30
·
Updated
2025-07-22
·
CVE-2025-44614
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Tinxy WiFi Lock Controller version v1 RF
Description
The issue concerns the storage of sensitive user information, including credentials and mobile phone numbers, in plaintext.
Recommendations
For Tinxy WiFi Lock Controller version v1 RF, consider updating the software to a version that securely stores user data, if available. As a temporary workaround, restrict access to the device to minimize the risk of unauthorized data access. Avoid using the device until the issue is resolved or a secure alternative is implemented.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tinxy Wifi Lock Controller