CVE-2025-13315

Exploit
 

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password.
https://nvd.nist.gov/vuln/detail/CVE-2025-13315

Categories

CWE-420 : Unprotected Alternate Channel
The product protects a primary channel, but it does not use the same level of protection for an alternate channel. Identify all alternate channels and use the same protection mechanisms that are used for the primary channels. When the internal flash is protected by blocking access on the Data Bus (DBUS), it can still be indirectly accessed through the Instruction Bus (IBUS). DB server assumes that local clients have performed authentication, allowing attacker to directly connect to a process to load libraries and execute commands; a socket interface also exists (another alternate channel), so attack can be remote. Product does not restrict access to underlying database, so attacker can bypass restrictions by directly querying the database. User can avoid lockouts by using an API instead of the GUI to conduct brute force password guessing. FTP service can not be disabled even when other access controls would require it. Windows named pipe created without authentication/access control, allowing configuration modification. Router management interface spawns a separate TCP connection after authentication, allowing hijacking by attacker coming from the same IP address.

References


 

CPE

cpe start end

REMEDIATION


EXPLOITS

Exploit-db.com

id description date
No known exploits

POC Github

Url
https://github.com/Ashwesker/Blackash-CVE-2025-13315

Other Nist (github, ...)

Url
No known exploits

CAPEC

Common Attack Pattern Enumerations and Classifications

id description severity
No entry