24h | 7d | 30d

Overview

  • Lynxtechnology
  • Twonky Server

19 Nov 2025
Published
19 Nov 2025
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
63.26%

KEV

Description

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password.

Statistics

  • 1 Post

Last activity: 9 hours ago

Bluesky

Profile picture
CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)
  • 0
  • 0
  • 0
  • 9h ago
Showing 11 to 11 of 11 CVEs