Critical severity10.0NVD Advisory· Published Jan 13, 2026· Updated Apr 15, 2026
CVE-2025-40805
CVE-2025-40805
Description
Affected devices do not properly enforce user authentication on specific API endpoints. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that the attacker has learned the identity of a legitimate user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.