VYPR
Unrated severityNVD Advisory· Published Nov 19, 2025· Updated Nov 19, 2025

Unauthenticated log access in Twonky Server

CVE-2025-13315

Description

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • Lynxtechnology/Twonky Serverv5
    Range: 8.5.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.