Security Advisory

CVE-2025-43928

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-20 00:00:00

Last updated 2025-04-21 14:33:02

Assigner mitre

State PUBLISHED

Description

In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading arbitrary files via ../ directory traversal in the username field. Reading ServerParameters.xml may reveal administrator credentials in cleartext or with MD5 hashing.

← Browse all CVEs View on cve.org ↗