CVE-2025-30184
published 2025-06-09CVE-2025-30184: CyberData 011209 Intercom could allow an unauthenticated user access to the Web Interface through an alternate path.
PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.47%
37.0th percentile
CyberData 011209 Intercom could allow an unauthenticated user access to the Web Interface through an alternate path.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cyberdata | 011209_sip_emergency_intercom | < 22.0.1 | 22.0.1 |
| cyberdata | 011209_sip_emergency_intercom_firmware | < 22.0.1 | 22.0.1 |
Detection & IOCsextracted from sources · hover to see the quote
- →Authentication bypass via alternate path or channel (CWE-288) allows unauthenticated access to the Web Interface of CyberData 011209 SIP Emergency Intercom; monitor for unauthenticated HTTP requests reaching protected web interface endpoints on affected devices running firmware prior to 22.0.1. ↗
- →Missing authentication for critical function (CWE-306) exposes features that can be abused by unauthenticated remote attackers to cause denial-of-service or system disruption; monitor for unexpected unauthenticated requests to critical function endpoints. ↗
- →Blind SQL injection (CWE-89) by unauthenticated users can be used to exfiltrate sensitive information; monitor for SQL injection patterns in HTTP request parameters to the intercom web interface. ↗
- →Insufficiently protected credentials (CWE-522): web server admin credentials are not properly stored or protected; monitor for unauthorized credential access or exposure via the web interface. ↗
- →Path traversal via '.../...//' sequences (CWE-35) allows authenticated attackers to upload arbitrary files to arbitrary locations; monitor for HTTP file upload requests containing traversal sequences such as '.../...//' in file paths. ↗
- ·All five vulnerabilities (CVE-2025-30184, CVE-2025-26468, CVE-2025-30507, CVE-2025-30183, CVE-2025-30515) affect CyberData 011209 SIP Emergency Intercom firmware versions prior to 22.0.1 only; devices running v22.0.1 or later are not affected. ↗
- ·No known public exploitation specifically targeting these vulnerabilities has been reported at time of advisory publication; threat landscape may change. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-g6rr-5fcq-xjcm: CyberData 011209 Intercom could allow an unauthenticated user access to the Web Interface through an alternate path
ghsa_unreviewed·2025-06-10
CVE-2025-30184 [CRITICAL] CWE-288 GHSA-g6rr-5fcq-xjcm: CyberData 011209 Intercom could allow an unauthenticated user access to the Web Interface through an alternate path
CyberData 011209 Intercom could allow an unauthenticated user access to the Web Interface through an alternate path.
CISA ICS
CyberData 011209 SIP Emergency Intercom
cisa_ics·2025-06-05·CVSS 7.5
[HIGH] CyberData 011209 SIP Emergency Intercom
ICS Advisory
##
CyberData 011209 SIP Emergency Intercom
Release DateJune 05, 2025
Alert CodeICSA-25-155-01
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: CyberData
- Equipment: 011209 SIP Emergency Intercom
- Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Missing Authentication for Critical Function, SQL Injection, Insufficiently Protected Credentials, Path Traversal: '.../...//'
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, cause a denial-of-service condition, or achieve code execution.
## 3
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-06-09
Published