CVE-2025-30183
published 2025-06-09CVE-2025-30183: CyberData 011209 Intercom does not properly store or protect web server admin credentials.
PriorityP343high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.36%
27.4th percentile
CyberData 011209 Intercom
does not properly store or protect web server admin credentials.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cyberdata | 011209_sip_emergency_intercom | < 22.0.1 | 22.0.1 |
| cyberdata | 011209_sip_emergency_intercom_firmware | < 22.0.1 | 22.0.1 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv4.08.7HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-j6x4-9c7c-pm84: CyberData 011209 Intercom
does not properly store or protect web server admin credentials
ghsa_unreviewed·2025-06-10
CVE-2025-30183 [HIGH] CWE-522 GHSA-j6x4-9c7c-pm84: CyberData 011209 Intercom
does not properly store or protect web server admin credentials
CyberData 011209 Intercom
does not properly store or protect web server admin credentials.
CISA ICS
CyberData 011209 SIP Emergency Intercom
cisa_ics·2025-06-05·CVSS 7.5
[HIGH] CyberData 011209 SIP Emergency Intercom
ICS Advisory
##
CyberData 011209 SIP Emergency Intercom
Release DateJune 05, 2025
Alert CodeICSA-25-155-01
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: CyberData
- Equipment: 011209 SIP Emergency Intercom
- Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Missing Authentication for Critical Function, SQL Injection, Insufficiently Protected Credentials, Path Traversal: '.../...//'
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, cause a denial-of-service condition, or achieve code execution.
## 3
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-06-09
Published