CVE-2025-25983

An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QE code based sharing component.

CVSS v3 3.4 LOW

3.4^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.7 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/vladko312/Research_v380_IP_camera	Exploit Third Party Advisory Product
https://github.com/vladko312/Research_v380_IP_camera/blob/main/CVE-2025-25983.md	Exploit

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:macro-video:v380_pro:2.1.44:::::android::
	cpe:2.3:a:macro-video:v380_pro:2.1.64:::::android::

History

25 Jun 2025, 18:43

Type	Values Removed	Values Added
CPE		cpe:2.3:a:macro-video:v380_pro:2.1.44:::::android:: cpe:2.3:a:macro-video:v380_pro:2.1.64:::::android::
Summary		(es) Un problema en Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64, permite a un atacante obtener información confidencial a través del componente de uso compartido basado en código QE.
First Time		Macro-video Macro-video v380 Pro
References	~~() https://github.com/vladko312/Research_v380_IP_camera -~~	() https://github.com/vladko312/Research_v380_IP_camera - Exploit, Third Party Advisory, Product
References	~~() https://github.com/vladko312/Research_v380_IP_camera/blob/main/CVE-2025-25983.md -~~	() https://github.com/vladko312/Research_v380_IP_camera/blob/main/CVE-2025-25983.md - Exploit

18 Apr 2025, 21:15

Type	Values Removed	Values Added
CWE		CWE-656 CWE-257
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 3.4

18 Apr 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-18 20:15

Updated : 2025-06-25 18:43

NVD link : CVE-2025-25983

Mitre link : CVE-2025-25983

CVE.ORG link : CVE-2025-25983

JSON object : View

Products Affected

macro-video

v380_pro

CWE

CWE-257

Storing Passwords in a Recoverable Format

CWE-656

Reliance on Security Through Obscurity

{"id": "CVE-2025-25983", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 3.4, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.7}]}, "published": "2025-04-18T20:15:16.137", "references": [{"url": "https://github.com/vladko312/Research_v380_IP_camera", "tags": ["Exploit", "Third Party Advisory", "Product"], "source": "cve@mitre.org"}, {"url": "https://github.com/vladko312/Research_v380_IP_camera/blob/main/CVE-2025-25983.md", "tags": ["Exploit"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-257"}, {"lang": "en", "value": "CWE-656"}]}], "descriptions": [{"lang": "en", "value": "An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QE code based sharing component."}, {"lang": "es", "value": "Un problema en Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64, permite a un atacante obtener informaci\u00f3n confidencial a trav\u00e9s del componente de uso compartido basado en c\u00f3digo QE."}], "lastModified": "2025-06-25T18:43:00.227", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:macro-video:v380_pro:2.1.44:*:*:*:*:android:*:*", "vulnerable": true, "matchCriteriaId": "27A271D8-1AC3-40E3-BC31-3A26236C95EB"}, {"criteria": "cpe:2.3:a:macro-video:v380_pro:2.1.64:*:*:*:*:android:*:*", "vulnerable": true, "matchCriteriaId": "4656A5CE-E2B1-44B7-99D6-600984FA5AE4"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

3.4 /10