CVE-2025-52351
Aikaan IoT management platform v3.25.0325-5-g2e9c59796 sends a newly generated password to users in plaintext via email and also includes the same password as a query parameter in the account activation URL e.g., https://domain.com/activate=xyz. This practice can result in password exposure via...