Medium severityNVD Advisory· Published Aug 27, 2025· Updated Apr 15, 2026

CVE-2025-30048

Description

The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication.

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

No linked articles in our index yet.