The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account.

Related CVEs

CVE-2025-9524

Key Information

GHSA ID

GHSA-3ghv-qqmp-p6c4

Published

November 11, 2025 9:30 AM

Last Modified

November 11, 2025 9:30 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: November 23, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.