CVE-2025-40807
MEDIUMDescription
A vulnerability has been identified in Gridscale X Prepay (All versions < V4.2.1). The affected application is vulnerable to capture-replay of authentication tokens. This could allow an authenticated but already locked-out user to establish still valid user sessions.
Is your site exposed to CVE-2025-40807?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| siemens | gridscale_x_prepay |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-40807? +
How severe is CVE-2025-40807? +
What products are affected by CVE-2025-40807? +
How do I check if I'm vulnerable to CVE-2025-40807? +
Related Vulnerabilities
Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key …
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with …
Misskey is an open source, federated social media platform. Prior to 2026.6.0, Misskey contains a vulnerability in Time-based One-Time Password …
"Remember me" cookie age is not verified on the server. This potentially allows an attacker to intercept a valid cookie …
The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic …
Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the …