High severity7.5NVD Advisory· Published Dec 24, 2025· Updated Apr 15, 2026
CVE-2018-25129
CVE-2018-25129
Description
SOCA Access Control System 180612 contains multiple insecure direct object reference vulnerabilities that allow attackers to access sensitive user credentials. Attackers can retrieve authenticated and unauthenticated user password hashes and pins through unprotected endpoints like Get_Permissions_From_DB.php and Ac10_ReadSortCard.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 180612
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.