CVE-2025-46408

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT

Description

An issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.Push_HttpService.getNewHttpClient in AVTECH EagleEyes 2.0.0. The methods set ALLOW_ALL_HOSTNAME_VERIFIER, bypassing domain validation.

shinyColumn/CVE-2025-46408
shinyColumn/CVE-2025-46408
Improper Hostname Verification in EagleEyes Lite Android Application
GitHubGitHub
1