High severity8.6NVD Advisory· Published Mar 19, 2025· Updated Apr 15, 2026
CVE-2025-30236
CVE-2025-30236
Description
Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SESSION parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <9.4.515
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.