CVE-2025-45583

critical

Description

Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password.

References

https://2barbie.notion.site/2024-Audi-UTR-2-0-Report-1bff0be688c680cb8795efe78732f8b9

Details

Source: Mitre, NVD

Published: 2025-09-12

Updated: 2025-09-15

Risk Information

CVSS v2

Base Score: 9.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.00018

Detections

Analytics