How severe is CVE-2025-2356?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2025-2356?

This is classified as CWE-598, which is a common weakness in software security.

CVE-2025-2356

MEDIUM Year: 2025

CVSS v3 Score

3.7

Low

CVSS v2 Score

2.6

Low

Weakness Type

CWE-598

View all →

Vulnerability Description

A vulnerability was found in BlackVue App 3.65 on Android. It has been classified as problematic. This affects the function deviceDelete of the component API Handler. The manipulation leads to use of get request method with sensitive query strings. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-0730

MEDIUM

CVSS:3.7(Low)

A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usr_account_set.cgi of the component HTTP GE...

CWE-5982025

CVE-2025-3943

MEDIUM

CVSS:4.1(Medium)

Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Parameter In...

CWE-5982025

CVE-2024-2745

LOW

CVSS:3.3(Low)

Rapid7's InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby, sensitive information is exposed through query strings in the URL when login is atte...

CWE-5982024

CVE-2025-26058

MEDIUM

CVSS:4.2(Medium)

Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access the admin panel or other protected areas, the application appends sensitive authentication tokens dire...

CWE-5982025

CVE-2024-9877

MEDIUM

CVSS:4.3(Medium)

: Use of GET Request Method With Sensitive Query Strings vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4.

CWE-5982024

CVE-2025-3637

LOW

CVSS:3.1(Low)

A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occur...

CWE-5982025

CVE-2025-2356

Vulnerability Description

Related Vulnerabilities

CVE-2025-0730

CVE-2025-3943

CVE-2024-2745

CVE-2025-26058

CVE-2024-9877

CVE-2025-3637