CVE-2025-41351

2026-01-28 [email protected]

Lifecycle Timeline

2

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

CVE Published

Jan 28, 2026 - 11:15 nvd

N/A

Description

Vulnerability that allows a Padding Oracle Attack to be performed on the Funambol v30.0.0.20 cloud server. The thumbnail display URL allows an attacker to decrypt and encrypt the parameters used by the application to generate ‘self-signed’ access URLs.

Analysis

Vulnerability that allows a Padding Oracle Attack to be performed on the Funambol v30.0.0.20 cloud server. The thumbnail display URL allows an attacker to decrypt and encrypt the parameters used by the application to generate ‘self-signed’ access URLs.

Technical Context

Vulnerability that allows a Padding Oracle Attack to be performed on the Funambol v30.0.0.20 cloud server. The thumbnail display URL allows an attacker to decrypt and encrypt the parameters used by the application to generate ‘self-signed’ access URLs.

Affected Products

Vulnerability that

Remediation

Monitor vendor advisories for a patch.

Priority Score

0

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +0

POC: 0

Share

CVE-2025-41351 vulnerability details – vuln.today

Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy

CVE-2025-41351

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code