CVE-2025-44619

CRITICAL

Tinxy WiFi Lock Controller v1 RF - Unauthenticated Network Access via Open Wi-Fi Configuration

Title source: llm
STIX 2.1

Description

Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication.

References (2)

Core 2
Core References
Broken Link, Not Applicable
http://tinxy.com
Not Applicable
http://wifi.com

Scores

CVSS v3 9.1
EPSS 0.0036
EPSS Percentile 27.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-284
Status published
Products (1)
tinxy/wifi_lock_controller_v1_rf_firmware
Published May 30, 2025
Tracked Since Feb 18, 2026