{"vulnerability": "CVE-2025-4741", "sightings": [{"uuid": "24727629-ac77-4314-b40e-d2d38db505d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47419", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114462996084887280", "content": "", "creation_timestamp": "2025-05-06T21:25:13.263774Z"}, {"uuid": "452c9676-092d-4ac1-9813-c69a2f5847c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47419", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojwinakpv2h", "content": "", "creation_timestamp": "2025-05-06T22:26:57.014958Z"}, {"uuid": "8a651be0-90dd-4a74-956a-6c8d419eacf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47418", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojwioemp62l", "content": "", "creation_timestamp": "2025-05-06T22:27:03.308774Z"}, {"uuid": "a4c3b0c8-68ba-4940-8ba3-834f6993d946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47417", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojwiohyb622", "content": "", "creation_timestamp": "2025-05-06T22:27:03.900332Z"}, {"uuid": "c094cc12-ce49-4cb7-97ea-44fe482d3e8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47419", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lok3qxsv55l2", "content": "", "creation_timestamp": "2025-05-07T00:03:20.582595Z"}, {"uuid": "beb766a6-550b-4bb7-8904-245e1585ded4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47418", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lok42oow4ky2", "content": "", "creation_timestamp": "2025-05-07T00:14:12.111065Z"}, {"uuid": "93ce0d23-4e28-4502-964a-1c4cfe9031ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4741", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpbb3u2ndz2h", "content": "", "creation_timestamp": "2025-05-16T05:07:54.195675Z"}, {"uuid": "6f11cbd1-f585-42cf-aac2-4581629b23bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47410", "type": "seen", "source": "https://gist.github.com/Darkcrai86/891227fba2ca9f422ff2def79187e67b", "content": "", "creation_timestamp": "2025-10-20T06:45:39.000000Z"}, {"uuid": "956348b5-f4ad-4826-a37a-ccfcda8dd202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47410", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3m4b64mionk2v", "content": "", "creation_timestamp": "2025-10-28T14:42:09.697886Z"}, {"uuid": "36146381-0610-4621-9105-2449a57672db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47410", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m3fqd3it572k", "content": "", "creation_timestamp": "2025-10-17T16:53:19.773358Z"}, {"uuid": "29d2ee37-e087-4842-a634-c434e2c4443f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47410", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/57", "content": "", "creation_timestamp": "2025-10-17T14:32:17.000000Z"}, {"uuid": "4fd637ae-aaf5-4f0b-8b83-8a1e7325db89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mb5gnmjz2o2u", "content": "", "creation_timestamp": "2025-12-29T18:10:27.126722Z"}, {"uuid": "b7cd2096-bf5c-4520-81e7-cfe17b25fb8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/319", "content": "", "creation_timestamp": "2025-12-29T16:24:43.000000Z"}, {"uuid": "3712d50a-6133-4498-a1d4-1f921890db45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mbbayoybp42g", "content": "", "creation_timestamp": "2025-12-31T06:39:36.876704Z"}, {"uuid": "e86dc0dd-bc38-4fac-9517-733618a207b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mbbhdo4r7er2", "content": "", "creation_timestamp": "2025-12-31T08:34:25.259369Z"}, {"uuid": "eec8fd0e-eea3-49e9-82e6-8b2386ec23d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mbbhe2i6fnb2", "content": "", "creation_timestamp": "2025-12-31T08:34:26.336446Z"}, {"uuid": "71760135-93eb-4741-8d39-98566ba838f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-b80f5d31-7a635327c133214d", "content": "", "creation_timestamp": "2025-12-31T09:14:29.009618Z"}, {"uuid": "f54ae699-b6fe-47b6-9c26-8e40431e20e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbezkxb5nn2g", "content": "", "creation_timestamp": "2026-01-01T18:37:17.560241Z"}, {"uuid": "00aadb7f-6b0f-4611-a966-bc58ebc24283", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "seen", "source": "https://gist.github.com/Darkcrai86/828f7cb56430833bb6a62fb165a50c46", "content": "", "creation_timestamp": "2026-01-02T07:57:54.000000Z"}, {"uuid": "93ec2a65-82ee-4a0b-aa05-f657b42d6a21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-47411", "type": "seen", "source": "https://gist.github.com/alon710/bec16f924e24fc14887fe0e28c74207b", "content": "", "creation_timestamp": "2026-01-24T22:43:34.000000Z"}, {"uuid": "d350ee38-d1bc-4870-9bd4-b660098f42ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "seen", "source": "Telegram/W5TN0cicaU2jBrJWqqNsq1vVFaP23IzBfdE6nX--xWy0x0g", "content": "", "creation_timestamp": "2026-01-02T18:52:14.000000Z"}, {"uuid": "f69d23fd-aaa0-4775-b599-04ce2b741354", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47411", "type": "published-proof-of-concept", "source": "Telegram/qOZ2r4xRzPVMqHinUj39Gu9PbW29JKKteUw1FN_MXLxRZs4", "content": "", "creation_timestamp": "2026-01-02T21:54:03.000000Z"}, {"uuid": "bee4e0aa-769a-4411-ac86-42a27b6cf4fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47419", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15231", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47419\n\ud83d\udd25 CVSS Score: 10 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows Sniffing Network Traffic.\n\nThe device allows Web UI and API access over non-secure network ports which exposes sensitive information such as user passwords.\n\n\nThis issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.\n\ud83d\udccf Published: 2025-05-06T20:52:44.604Z\n\ud83d\udccf Modified: 2025-05-06T20:52:44.604Z\n\ud83d\udd17 References:\n1. https://security.crestron.com/\n2. https://www.crestron.com/Software-Firmware/Software/Automate-VX-Software/6-4-1-8\n3. https://www.crestron.com/release_notes/automate_vx_6.4.1.8_release_notes.pdf", "creation_timestamp": "2025-05-06T21:21:41.000000Z"}, {"uuid": "26751124-a2b9-4480-94ae-ff142d793d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47417", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15217", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47417\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse.\n\n\n\nWhen Enable Debug Images in Crestron Automate VX is active, snapshots of the captured video or portions thereof are stored locally on the system, and there is no visible indication that this is being done.\n\n\nThis issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.\n\ud83d\udccf Published: 2025-05-06T19:49:09.288Z\n\ud83d\udccf Modified: 2025-05-06T19:49:09.288Z\n\ud83d\udd17 References:\n1. https://security.crestron.com\n2. https://www.crestron.com/Software-Firmware/Software/Automate-VX-Software/6-4-1-8\n3. https://www.crestron.com/release_notes/automate_vx_6.4.1.8_release_notes.pdf", "creation_timestamp": "2025-05-06T20:21:21.000000Z"}, {"uuid": "f45b04de-c5a0-4cfa-983c-bc4f0600868c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4741", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16612", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4741\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pages/purchase_add.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-16T03:00:07.068Z\n\ud83d\udccf Modified: 2025-05-16T03:00:07.068Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309041\n2. https://vuldb.com/?ctiid.309041\n3. https://vuldb.com/?submit.570913\n4. https://github.com/snkercyber/CVE/issues/1\n5. https://www.campcodes.com/", "creation_timestamp": "2025-05-16T03:34:25.000000Z"}, {"uuid": "db18518b-c370-47d7-83cf-9106ffe7f767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47419", "type": "seen", "source": "Telegram/ng92ZmF1T0EaBo1cVgyPoMyZAHswxNuhcyAkNHTqEHzaMcE", "content": "", "creation_timestamp": "2025-05-06T23:30:23.000000Z"}, {"uuid": "c67861dd-3a3a-48f8-8792-eed09a05e4c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47417", "type": "seen", "source": "https://t.me/cvedetector/24655", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47417 - Crestron Automate VX Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-47417 \nPublished : May 6, 2025, 8:15 p.m. | 2\u00a0hours ago \nDescription : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse.  \n  \n  \n  \nWhen Enable Debug Images in Crestron Automate VX is active, snapshots of the captured video or portions thereof are stored locally on the system, and there is no visible indication that this is being done.  \n  \n  \nThis issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T00:31:32.000000Z"}, {"uuid": "45ac3e2e-c1fe-4e77-af71-776309af91e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47418", "type": "seen", "source": "https://t.me/cvedetector/24649", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47418 - Crestron Automate VX Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-47418 \nPublished : May 6, 2025, 9:16 p.m. | 59\u00a0minutes ago \nDescription : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse.  \n  \nThere is no visible indication when the system is recording and recording can be enabled remotely via a network API.   \nThis issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T00:31:24.000000Z"}, {"uuid": "a8c38f19-4eb5-4650-be52-436a10d6480e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47419", "type": "seen", "source": "https://t.me/cvedetector/24650", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47419 - Crestron Automate VX Insecure Communication Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-47419 \nPublished : May 6, 2025, 9:16 p.m. | 59\u00a0minutes ago \nDescription : Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows Sniffing Network Traffic.  \n  \nThe device allows Web UI and API access over non-secure network ports which exposes sensitive information such as user passwords.  \n  \n  \nThis issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T00:31:25.000000Z"}]}