Critical Alert 2 Active Exploits Detected Today

CVE-2026-56291 Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability →
CVE-2026-48939 iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability →
Powered by CVE Watchtower
×

CVE Watchtower


← Back to CVE List

CVE-2025-13607NVD

Vulnerability Summary

A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL.
Severity Level
CRITICAL(9.3)
Published Date
Dec 10, 2025
Last Modified
Dec 12, 2025
Exploitation Status
No confirmed exploitation yet
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
Refer to the official MITRE database for detailed architectural specifications regarding this weakness.
CVSS v4.0 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone