CVE-2025-25749
HIGHDescription
An issue in HotelDruid version 3.0.7 and earlier allows users to set weak passwords due to the lack of enforcement of password strength policies.
Is your site exposed to CVE-2025-25749?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| digitaldruid | hoteldruid |
References
Frequently Asked Questions
What is CVE-2025-25749? +
How severe is CVE-2025-25749? +
What products are affected by CVE-2025-25749? +
How do I check if I'm vulnerable to CVE-2025-25749? +
Related Vulnerabilities
No password for the root user is set in Novakon P series. This allows phyiscal attackers to enter the console …
KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any …
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through …
Hikvision Streaming Media Management Server v2.3.5 uses default credentials that allow remote attackers to authenticate and access restricted functionality. After …
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain …
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over …