CAPTCHA Bypass Vulnerability in SendQuick Entera Devices
CVE-2025-26312

5.3MEDIUM

Key Information:

Vendor: Sendquick
Status: Entera
Vendor: CVE Published:; 14 March 2025

What is CVE-2025-26312?

SendQuick Entera devices, prior to version 11HF5, exhibit a vulnerability that allows attackers to bypass CAPTCHA authentication by manipulating the captcha parameter. This weakness can potentially enable unauthorized access and exploitation of the device functionalities. It is crucial for users of SendQuick Entera devices to apply any available updates to mitigate this security risk.

Affected Version(s)

Entera 0

References

https://medium.com/@retro.metro/cve-2025-26312-captcha-by...

https://www.sendquick.com/products/sendquick-entera/

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 14, 2025

JSON

Sendquick

What is CVE-2025-26312?

Affected Version(s)

References

CVSS V4

Timeline