Denial of Service Vulnerability in Real-time Bus Tracking System by Synck
CVE-2025-43881

5.3MEDIUM

Key Information:

Vendor: Synck Graphica
Status: Real-time Bus Tracking System
Vendor: CVE Published:; 23 July 2025

🔔 Create Synck Graphica Vulnerability Alert

What is CVE-2025-43881?

An input validation issue in the Real-time Bus Tracking System allows attackers to exploit the administrative login, potentially leading to a denial of service condition. Attackers with access to the admin page can manipulate specified quantity inputs, resulting in service interruptions. This vulnerability affects versions prior to 1.1, making it imperative for users to upgrade to ensure system integrity and availability.

Affected Version(s)

Real-time Bus Tracking System versions prior to 1.1

References

https://www.synck.com/downloads/cgi-perl/buslocationsyste...

https://jvn.jp/en/jp/JVN21177718/

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2025
Vulnerability Reserved
Jul 16, 2025