5 matches found
CVE-2025-57605
Lack of server-side authorisation on department admin assignment APIs in AiKaan IoT Platform allows authenticated users to elevate their privileges by assigning themselves as admins of other departments. This results in unauthorized privilege escalation across the department...
AiKaan IoT management platform 安全漏洞
Aikaan IoT management platform is a management platform from Aikaan India. AiKaan IoT management platform suffers from a security vulnerability that stems from insufficiently hardened proxyuser accounts and the use of a shared hard-coded SSH private key, which could lead to remote code execution,...
AiKaan IoT Platform 安全漏洞
AiKaan IoT Platform is an edge device management platform from AiKaan India. AiKaan IoT Platform has a security vulnerability that stems from a lack of server-side authorization for departmental administrators to assign APIs, which could lead to unauthorized elevation of privileges...
Aikaan IoT management platform 安全漏洞
Aikaan IoT management platform is a management platform from Aikaan India. Aikaan IoT management platform version v3.25.0325-5-g2e9c59796 has a security vulnerability that originates from sending a new password in clear text, which could lead to password exposure...
CVE-2025-52351
CVE-2025-52351 affects Aikaan IoT management platform v3.25.0325-5-g2e9c59796. The vulnerability arises from sending a newly generated password to users in plaintext via email and including the same password as a query parameter in the account activation URL (e.g., https://domain.com/activate=xyz...