Vulnerability Details CVE-2025-13316
Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded cryptographic keys. An attacker with knowledge of the encrypted administrator password can decrypt the value with static keys to view the plain text password and gain administrator-level access to Twonky Server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.7%
CVSS Severity
CVSS v3 Score 8.1
Products affected by CVE-2025-13316
-
cpe:2.3:a:lynxtechnology:twonky_server:8.5.2
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-