Main Vulnerability Database Vulnerabilities #VU109968

#VU109968 Client-Side Enforcement of Server-Side Security in wivia 5 - CVE-2025-47697

Published: May 30, 2025

Vulnerability identifier: #VU109968

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2025-47697

CWE-ID: CWE-602

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
wivia 5

Software vendor:
UCHIDA YOKO

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficient server-side validation. A remote attacker can bypass authentication and operate the affected device as the moderator user.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://jvn.jp/en/jp/JVN51394666/index.html
https://www.uchida.co.jp/wivia/support02.html

#VU109968 Client-Side Enforcement of Server-Side Security in wivia 5 - CVE-2025-47697

Description

Remediation

External links

Please verify you're human