CVE-2025-41100

MEDIUM

ParkingDoor - Auth Bypass

Title source: llm

Description

Incorrect authentication vulnerability in ParkingDoor. Through this vulnerability it is possible to operate the device without the access being logged in the application and even if the access permissions have been revoked.

References (1)

[Third Party Advisory] https://www.incibe.es/en/incibe-cert/notices/aviso/incorrect-authentication-parkingdoor

Scores

CVSS v4 5.9

EPSS 0.0003

EPSS Percentile 9.3%

CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1284

Status published

Products (1)

ParkingDoor/ParkingDoor 2016.08.11.1

Published Jul 21, 2025

Tracked Since Feb 18, 2026