CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-3660

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains a broken access control vulnerability that allows authenticated users to access other users' pet data by exploiting missing ownership verification. Attackers can send requests to /member/pet/detailV2 with arbitrary pet IDs to retrieve sensitive information including pet details, member IDs, and avatar URLs without proper authorization checks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.9%

CVSS Severity

CVSS v3 Score 6.5

References

https://bobdahacker.com/blog/petlibro
https://www.vulncheck.com/advisories/petlibro-smart-pet-feeder-platform-through-broken-access-control-via-api-endpoint

Products affected by CVE-2025-3660

Petlibro » Petlibro » Version: Any

cpe:2.3:a:petlibro:petlibro:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-3660

Products

Pricing

Contact Us