216.73.217.50

CVE-2025-9310

· Published 21/08/2025 17:15 · Modified 21/08/2025 18:15

Labels: CVE-2025-9310 2025-08-21CVE-2025-9310CWE-259[email protected]

Essential information

Published
21/08/2025 17:15
Modified
21/08/2025 18:15
Author
Creator
CVSS
5.5 MEDIUM (v3) 5.5 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was determined in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. Affected by this vulnerability is an unknown functionality of the file /carRental_war/druid/login.html of the component Druid. Executing manipulation can lead to hard-coded credentials. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
yeqifu / carRental cpe:2.3:a:yeqifu:carRental:*:*:*:*:*:*:*:*
unknown / Druid cpe:2.3:a:unknown:Druid:*:*:*:*:*:*:*:*

References