Unrated severityNVD Advisory· Published Nov 19, 2025· Updated Nov 19, 2025
Unauthenticated log access in Twonky Server
CVE-2025-13315
Description
Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Lynxtechnology/Twonky Serverv5Range: 8.5.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.