NVD HIGH: CVE-2025-13477 — Exposure of private personal information to an unauthorized actor, Insufficientl...

Thursday, May 21, 2026 at 02:16 PM UTC·Source: NIST NVD

Updated: Monday, May 25, 2026 at 03:00 AM UTC

Executive Summary

Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass. This issue affects WifiBurada: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2025-13477

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 21, 2026. Verified by: NIST.

Related Threats

CRITICALVulnerabilityNEW

CISA flags two-year-old Oracle flaw as actively exploited in attacks

CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. [...]

54m agoBleepingComputer

CRITICALVulnerability

Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches

A stack-based buffer overflow bug can be exploited for remote code execution on a vulnerable device. The post Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches appeared first on SecurityWeek .

1h agoSecurityWeek

MEDIUMVulnerability

Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked

Jason Koebler reports: Hackers say that they used Meta’s AI support chatbot to break into a host of high-profile Instagram profiles by asking the support bot to change the email address associated with the target account. The claims coincide with a series of high-profile Instagram account takeovers, including the Barack Obama White House account, the Chief Master... Source

1h agoDataBreaches.net