CVE-2025-66723

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.

audiopump/cve-2025-66723
audiopump/cve-2025-66723
CVE-2025-66723: inMusic Brands Engine DJ >=3.0.0 through <4.3.4 exposes local and network files to external parties
GitHubGitHub