cvedb.io
CVE-2025-47872
MEDIUM · CVSS 5.8
EPSS exploitation probability: 0%
Published 2025-08-08T17:15:28.573 · Last modified 2026-06-17T09:28:47.330

Summary

The public-facing product registration endpoint server responds differently depending on whether the S/N is valid and unregistered, valid but already registered, or does not exist in the database. Combined with the fact that serial numbers are sequentially assigned, this allows an attacker to gain information on the product registration status of different S/Ns.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.