Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-tfy3-cvgf-wyd8
SummaryUnintended proxy or intermediary ('Confused Deputy') issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to use the product as an intermediary for FTP bounce attack.
Aliases
0
alias CVE-2025-25061
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-25061
reference_id
reference_type
scores
0
value 0.00834
scoring_system epss
scoring_elements 0.75062
published_at 2026-06-11T12:55:00Z
1
value 0.00834
scoring_system epss
scoring_elements 0.75142
published_at 2026-06-14T12:55:00Z
2
value 0.00834
scoring_system epss
scoring_elements 0.75145
published_at 2026-06-13T12:55:00Z
3
value 0.00834
scoring_system epss
scoring_elements 0.75132
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-25061
1
reference_url https://www.electronics.jtekt.co.jp/en/topics/202503207269/
reference_id 202503207269
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:20:50Z/
url https://www.electronics.jtekt.co.jp/en/topics/202503207269/
2
reference_url https://www.electronics.jtekt.co.jp/en/topics/202503207271/
reference_id 202503207271
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:20:50Z/
url https://www.electronics.jtekt.co.jp/en/topics/202503207271/
3
reference_url https://jvn.jp/en/jp/JVN17260367/
reference_id JVN17260367
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-04T14:20:50Z/
url https://jvn.jp/en/jp/JVN17260367/
Weaknesses
0
cwe_id 441
name Unintended Proxy or Intermediary ('Confused Deputy')
description The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the product's control sphere. This causes the product to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor.
Exploits
Severity_range_score5.8 - 5.8
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-tfy3-cvgf-wyd8