CVE-2025-4555 – Okcat Parking Management Platform ZONG YU Authentication Bypass Vulnerability

May 12, 2025

CVE ID : CVE-2025-4555

Published : May 12, 2025, 3:15 a.m. | 26 minutes ago

Description : The web management interface of Okcat Parking Management Platform from ZONG YU has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access system functions. These functions include opening gates, viewing license plates and parking records, and restarting the system.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4556 – Okcat Parking Management Platform ZONG YU Remote Code Execution (RCE)

Next Article CVE-2025-4554 – PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability

Highlights

CVE-2025-5865 – RT-Thread Parameter Handler Memory Corruption Vulnerability

June 9, 2025

CVE ID : CVE-2025-5865

Published : June 9, 2025, 7:15 a.m. | 2 hours, 23 minutes ago

Description : A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor explains, that “[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory.”

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

The coming AI smartphone: Redefining personal tech

Modern React animation libraries: Real examples for engaging UIs

How Debian 13’s little improvements add up to the distro’s surprisingly big leap forward

Why xAI is giving you ‘limited’ free access to Grok 4

How Apple may revamp Siri to a voice assistant I’d actually use (and ditch Gemini for)

I jump-started a bus from the 1930s with this power bank – here’s the verdict

Laravel’s UsePolicy Attribute: Explicit Authorization Control

Laravel’s UsePolicy Attribute: Explicit Authorization Control

The Laravel Way to Build AI Agents That Actually Work

The Laravel Way to Build AI Agents That Actually Work

Microsoft sued over killing support for Windows 10

Microsoft sued over killing support for Windows 10

Grok 4 rolled out for free-tier users worldwide, with some limits

Firefox AI slammed for hogging CPU and draining battery

CVE-2025-4555 – Okcat Parking Management Platform ZONG YU Authentication Bypass Vulnerability

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

BadCam Attack Turns Trusted Linux Webcams into Stealthy USB Weapons

Tux Fishing is a 3D fishing game

Mongoose Now Natively Supports QE and CSFLE

Coding Careers Under Threat: Impacts of AI, No-Code Platforms, and Economic Pressures

CVE-2025-5147 – Netcore NBR1005GPEV2, NBR200V2, B6V2 Command Injection Vulnerability

CVE-2025-5865 – RT-Thread Parameter Handler Memory Corruption Vulnerability

CVE-2024-24780 – Apache IoTDB Untrusted URI Remote Code Execution Vulnerability

I switched to a $129 Android phone from my Pixel 9 Pro for a week – and didn’t mind it

Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud

CVE-2025-4555 – Okcat Parking Management Platform ZONG YU Authentication Bypass Vulnerability

Related Posts