CVE-2025-0681 New Rock Technologies Cloud Connected Devices Improper Neutralization of Wildcards or Matching Symbols

🗓️ 30 Jan 2025 18:53:09Reported by icscertType

CVE-2025-0681 allows attackers to access sensitive data via Cloud MQTT wildcard subscriptions.

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2025-0681	30 Jan 202511:00	–	circl
CNNVD	New Rock Cloud Connected Devices 安全漏洞	30 Jan 202500:00	–	cnnvd
CVE	CVE-2025-0681	30 Jan 202518:53	–	cve
EUVD	EUVD-2025-1813	3 Oct 202520:07	–	euvd
NVD	CVE-2025-0681	30 Jan 202519:15	–	nvd
Positive Technologies	PT-2025-4000 · New Rock Technologies · Mx8G Voip Gateway +2	30 Jan 202500:00	–	ptsecurity
Vulnrichment	CVE-2025-0681 New Rock Technologies Cloud Connected Devices Improper Neutralization of Wildcards or Matching Symbols	30 Jan 202518:53	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "OM500 IP-PBX",
    "vendor": "New Rock Technologies",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MX8G VoIP Gateway",
    "vendor": "New Rock Technologies",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NRP1302/P Desktop IP Phone",
    "vendor": "New Rock Technologies",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/news-events/ics-advisories/icsa-25-030-02
newrocktech	www.newrocktech.com/ContactUs/index.html

30 Jan 2025 18:53Current

CVSS 3.16.2

CVSS 46.9

EPSS0.00062

CWE-155