Skip to content
Medium Published: Dec 16, 2025 Modified: Dec 16, 2025

CVE-2025-0836

6.3 CVSS Score Medium
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Export CVE-2025-0836 Data:
Share:
Link copied!

Description

Missing Authorization vulnerability in Milestone Systems XProtect VMS allows users with read-only access to Management Server to have full read/write access to MIP Webhooks API.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity Low
Availability Low

Weaknesses (CWE)

  • CWE-862

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

CVE History Timeline

Dec 16, 2025 11:15 New CVE Received
← Back to CVE Tracker