CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-3652

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Attackers can send requests to /device/deviceAudio/use with arbitrary audio IDs to assign recordings to any device, then retrieve audio URLs to access other users' private recordings.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.3%

CVSS Severity

CVSS v3 Score 5.3

References

https://bobdahacker.com/blog/petlibro
https://www.vulncheck.com/advisories/petlibro-smart-pet-feeder-platform-through-audio-information-disclosure-via-api-endpoint

Products affected by CVE-2025-3652

Petlibro » Petlibro » Version: Any

cpe:2.3:a:petlibro:petlibro:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-3652

Products

Pricing

Contact Us