CVE-2025-58743

HIGH

Milner ImageDirector Capture <7.6.3.25808 - Use After Free

Title source: llm

Description

Use of a Broken or Risky Cryptographic Algorithm (DES) vulnerability in the Password class in C2SConnections.dll in Milner ImageDirector Capture on Windows allows Encryption Brute Forcing to obtain database credentials.This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808.

References (1)

[Third Party Advisory] https://sra.io/advisories

Scores

CVSS v3 7.5

EPSS 0.0001

EPSS Percentile 1.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-327

Status published

Products (1)

milner/imagedirector_capture 7.0.9 - 7.6.3.25808

Published Jan 20, 2026

Tracked Since Feb 18, 2026