Security Advisory

CVE-2025-13315

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-19 17:41:36

Last updated 2025-11-19 18:20:50

Assigner rapid7

State PUBLISHED

Description

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrators username and encrypted password.

← Browse all CVEs View on cve.org ↗