CVE-2025-67159
Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.
CVSS
7.5
Alto
EPSS
0.3%
p17
KEV
—
Exploit Today
5
0-100
Publicado: 2 ene 2026 · Última mod.: 5 jul 2026 · CWE-319
0.3%EPSS · 30 días0.3%
2026-06-302026-07-17
Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2023-318237.5 ALT47.0%
——14An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function.9dCVE-2024-487887.5 ALT43.2%
——13An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive information via the firmware update process.13dCVE-2024-388917.5 ALT35.4%
——11An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information.12dCVE-2023-390867.5 ALT23.4%
——7ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext.9dCVE-2025-564479.8 CRÍ19.3%
——6TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.12dCVE-2024-400904.3 MED16.4%
——5Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Information Disclosure. An information leak in the Boa webserver allows remote, unauthenticated attackers to leak memory addresses of uClibc and the stack via sending a GET request to the index page.13d