CVE-2025-62642

The Restaurant Brands International RBI assistant platform through 2025-09-06 has an "Anyone Can Join This Party" signup API that does not verify user account creation, allowing a remote unauthenticated attacker to create a user account...

CVE-2025-62651

The Restaurant Brands International RBI assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface...

CVE-2025-62646

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to review the stored audio of conversations between associates and Drive Thru customers...

CVE-2025-62643

The Restaurant Brands International RBI assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages...

CVE-2025-62649

The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for submission of equipment orders...

CVE-2025-62649

The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for submission of equipment orders...

CVE-2025-62651

The Restaurant Brands International RBI assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface...

CVE-2025-62650

The Restaurant Brands International RBI assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen...

CVE-2025-62646

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to review the stored audio of conversations between associates and Drive Thru customers...

CVE-2025-62648

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume...

CVE-2025-62648

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume...

CVE-2025-62647

The Restaurant Brands International RBI assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload URL, for any store's path...

CVE-2025-62648

CVE-2025-62648 affects Restaurant Brands International (RBI) assistant platform versions up to 2025-09-06. The connected CSAF document details multiple vulnerabilities: an unauthenticated account creation path via a signup API, cleartext transmission of passwords in email, a token with administra...

CVE-2025-62643

The RBI assistant platform (Restaurant Brands International) through 2025-09-06 is affected by multiple interconnected issues. Public sources describe a remote, unauthenticated signup weakness via an open signup API, enabling account creation without proper verification, and a separate vulnerabil...

CVE-2025-62648

The Restaurant Brands International RBI assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume...

CVE-2025-62642

The Restaurant Brands International RBI assistant platform through 2025-09-06 has an "Anyone Can Join This Party" signup API that does not verify user account creation, allowing a remote unauthenticated attacker to create a user account...

CVE-2025-62651

The Restaurant Brands International RBI assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface...

Restaurant Brands International assistant platform 安全漏洞

Restaurant Brands International assistant platform is a restaurant back office platform from Restaurant Brands International. A security vulnerability exists in the Restaurant Brands International assistant platform version 2025-09-06 and earlier, which stems from an unimplemented access control ...

Restaurant Brands International assistant platform 安全漏洞

Restaurant Brands International assistant platform is a restaurant back office platform from Restaurant Brands International. A security vulnerability exists in the Restaurant Brands International assistant platform version 2025-09-06 and earlier, which stems from a dependency on client...

Restaurant Brands International assistant platform 安全漏洞

Restaurant Brands International assistant platform is a restaurant back office platform from Restaurant Brands International. A security vulnerability exists in Restaurant Brands International assistant platform version 2025-09-06 and earlier, which stems from the global store catalog sharing...