Sensitive Information Exposure in AVTECH EagleEyes Lite by AVTECH
CVE-2025-50110

8.8HIGH

Key Information:

Vendor: AVTECH
Status: EagleEyes Lite
Vendor: CVE Published:; 15 September 2025

What is CVE-2025-50110?

In AVTECH EagleEyes Lite 2.0.0, a vulnerability has been identified in the GetHttpsResponse method, which transmits sensitive information in plaintext through HTTPS. This includes internal server URLs, account IDs, passwords, and device tokens, posing a significant risk of information leakage which could be exploited by malicious actors.

References

https://github.com/shinyColumn/CVE-2025-50110

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Jul 11, 2025

JSON