CVE-2025-0836 | Milestone Systems XProtect VMS prior 25.1.15990.2272 MIP Webhooks API authorization

Inserito da Angelo Barbosa | Dic 16, 2025 | CVE

A vulnerability marked as critical has been reported in Milestone Systems XProtect VMS. This impacts an unknown function of the component MIP Webhooks API. This manipulation causes missing authorization.

This vulnerability is tracked as CVE-2025-0836. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2025-0836 | Milestone Systems XProtect VMS prior 25.1.15990.2272 MIP Webhooks API authorization

Post correlati

CVE-2024-12399 | Schneider Electric Pro-face GP-Pro EX/Pro-face Remote HMI Communication Channel message integrity (SEVD-2025-014-02)

CVE-2023-6981 | WP SMS Plugin up to 6.5 on WordPress cross site scripting

CVE-2024-29650 | thi.ng paths up to 5.1.62 mut/mutInManyUnsafe Privilege Escalation

CVE-2024-37423 | Automattic Newspack Blocks Plugin up to 3.0.8 on WordPress path traversal