CVE-2025-4526: Dígitro NGC Explorer Configuration Page missing password field masking
First published: Sun May 11 2025(Updated: )
A vulnerability, which was classified as problematic, was found in Dígitro NGC Explorer 3.44.15. This affects an unknown part of the component Configuration Page. The manipulation leads to missing password field masking. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dígitro NGC Explorer |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4526?
CVE-2025-4526 is classified as a problematic vulnerability.
What component is affected by CVE-2025-4526?
CVE-2025-4526 affects the Configuration Page in Dígitro NGC Explorer 3.44.15.
What kind of attack can be initiated due to CVE-2025-4526?
CVE-2025-4526 allows for remote attacks due to missing password field masking.
How can the vulnerability CVE-2025-4526 be exploited?
The vulnerability CVE-2025-4526 can be exploited by manipulating input fields on the affected Configuration Page.
What should I do to mitigate CVE-2025-4526?
To mitigate CVE-2025-4526, ensure that necessary security patches are applied to the Dígitro NGC Explorer software.
- collector/mitre-cve
- source/MITRE
- agent/type
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/title
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/dígitro
- canonical/dígitro ngc explorer