Smartremote Module
CVE-2025-15509
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage.
AnalysisAI
The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage. [CVSS 4.3 MEDIUM]
Technical ContextAI
Classified as CWE-306 (Missing Authentication for Critical Function). Affects Smartremote Module. The SmartRemote module has insufficient restrictions on loading URLs, which may lead to some information leakage.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today