CVE-2025-44612

medium

Description

Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext, including control information and device credentials, allowing attackers to possibly intercept and access sensitive information via a man-in-the-middle attack.

References

https://github.com/ShravanSinghRathore/Tinxy/wiki/1.-WiFi-Lock-Controller-v1-RF-%281%E2%80%909%29

Details

Source: Mitre, NVD

Published: 2025-05-30

Updated: 2025-05-30

Risk Information

CVSS v2

Base Score: 5.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00018