CVE-2025-58743

HIGH

Milner ImageDirector Capture <7.6.3.25808 - Use After Free

Title source: llm

Description

Use of a Broken or Risky Cryptographic Algorithm (DES) vulnerability in the Password class in C2SConnections.dll in Milner ImageDirector Capture on Windows allows Encryption Brute Forcing to obtain database credentials.This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808.

References (1)

[Third Party Advisory] https://sra.io/advisories

Scores

CVSS v3 7.5

EPSS 0.0001

EPSS Percentile 0.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-327

Status published

Affected Products (1)

milner/imagedirector_capture < 7.6.3.25808

Timeline

Published Jan 20, 2026

Tracked Since Feb 18, 2026