CVE-2025-1881

MEDIUM

i-Drive i11-i12 <20250227 - Improper Access Controls

Title source: llm

Description

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can be launched remotely. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life.

References (4)

Core 4

Core References

Permissions Required vdb-entry

https://vuldb.com/?id.298195

Permissions Required signature permissions-required

https://vuldb.com/?ctiid.298195

Third Party Advisory third-party-advisory

https://vuldb.com/?submit.510952

Third Party Advisory related

https://github.com/geo-chen/i-Drive

View Writeup ZIP pw:eip

Scores

CVSS v3 4.3

EPSS 0.0031

EPSS Percentile 22.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-266 CWE-284

Status published

Products (2)

i-drive/i11_firmware < 20250227

i-drive/i12_firmware < 20250227

Published Mar 03, 2025

Tracked Since Feb 18, 2026