CVE-2025-4555CRITICAL 9.8EPSS p40.1%

CVE-2025-4555CVE-2025-4555

Description

The web management interface of Okcat Parking Management Platform from ZONG YU has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access system functions. These functions include opening gates, viewing license plates and parking records, and restarting the system.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.52% probability of exploitation · percentile 40.1% · 2026-06-19T12:03:05Z
Published2025-05-12
Last modified2026-04-15

Underlying weaknesses· 1

CWE-306

References

  1. https://www.twcert.org.tw/en/cp-139-10109-25719-2.html
  2. https://www.twcert.org.tw/tw/cp-132-10108-f77f5-1.html

1

TypeTargetConfidenceTier
WeaknessMissing Authentication for Critical Functioncwe-3060%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-4557
CVE
CVE-2025-4556
CVE
CVE-2025-5894
CVE
CVE-2025-5893
CVE
CVE-2026-10243
CVE
CVE-2025-45615
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.