Plaintext Credential Transmission Vulnerability in Vatilon Product by Vatilon
CVE-2025-67159

Currently unrated

Key Information:

Vendor: Vatilon
Status: Vatilon
Vendor: CVE Published:; 2 January 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-67159?

A vulnerability has been identified in Vatilon version 1.12.37-20240124, where user credentials are transmitted in plaintext. This flaw poses a significant security risk as it exposes sensitive information to potential interception during data transmission. Users of this version should take immediate precautions to secure their credentials while a patch or update is awaited.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-67159
Created by Remenis

References

http://vatilon.com

https://github.com/Remenis/CVE-2025-67159

Timeline

Vulnerability published
Jan 2, 2026
🟡
Public PoC available
Jan 1, 2026
👾
Exploit known to exist
Jan 1, 2026
Vulnerability Reserved
Dec 8, 2025

JSON