QSearchQSearch

CVE-2025-4526

4.3 MEDIUM

A vulnerability was identified in Dígitro NGC Explorer up to 3.44.15/3.48.21

Published: 2025-05-11 · Last updated: 2026-05-27

Severity and scoring

CVSS
4.3 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE
CWE-200, CWE-549

Affected products

VendorProduct
digitrongc_explorer

Description

A vulnerability was identified in Dígitro NGC Explorer up to 3.44.15/3.48.21. The affected element is an unknown function of the component Configuration Page. Such manipulation leads to missing password field masking. It is possible to launch the attack remotely. Upgrading to version 3.48.22 is sufficient to fix this issue. It is suggested to upgrade the affected component. The vendor was contacted early about this disclosure but did not respond in any way.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2025-4528 A weakness has been identified in Dígitro NGC Explorer up to 3.44.15/3.48.21 (4.3 MEDIUM)
  • CVE-2025-4527 A security flaw has been discovered in Dígitro NGC Explorer up to 3.44.15/3.48.21 (3.7 LOW)

Same CWE

  • CVE-2026-49219 ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
  • CVE-2026-47165 ImageMagick is free and open-source software used for editing and manipulating digital images (4.1 MEDIUM)
  • CVE-2026-48855 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery
  • CVE-2026-45329 ESF-IDF is the Espressif Internet of Things (IOT) Development Framework (7.1 HIGH)
  • CVE-2026-36719 An information disclosure vulnerability in the /api/v1/user/info endpoint of AgentChat v2.3.0 allows unauthenticated attackers to obtain ... (7.5 HIGH)