CVE-2025-31338

Wisdom Master Pro - Missing Authorization

CVSS 6.9 MEDIUMEPSS 0.4%CWE-862

A missing authorization vulnerability in the retrieve teacher Information function of Wisdom Master Pro versions 5.0 through 5.2 allows remote attackers to obtain partial user data by accessing the API functionality.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Productos afectados

SUNNET Technology Co., Ltd. · Wisdom Master Pro

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://zuso.ai/advisory/za-2025-01