CVE-2025-58742

MEDIUM

Milner ImageDirector Capture <7.6.3.25808 - SSRF

Title source: llm

Description

Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Connection Settings dialog in Milner ImageDirector Capture on Windows allows Adversary in the Middle (AiTM) by modifying the 'Server' field to redirect client authentication.This issue affects ImageDirector Capture: from 7.0.9 before 7.6.3.25808.

References (1)

[Third Party Advisory] https://sra.io/advisories

Scores

CVSS v3 5.9

EPSS 0.0004

EPSS Percentile 13.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-522 CWE-923

Status published

Products (1)

milner/imagedirector_capture 7.0.9 - 7.6.3.25808

Published Jan 20, 2026

Tracked Since Feb 18, 2026