【Vulnerability Alert】The specific API of ZongYu Technology Parking Management System has a vulnerability

* Subject Description: 【Vulnerability Alert】The specific API of ZongYu Technology Parking Management System has a vulnerability

• Description:
  • Forwarded by Taiwan Computer Network Crisis Handling and Coordination Center TWCERTCC-200-202505-00000010
  • [ZongYu Technology Parking Management System - Missing Authentication] (CVE-2025-4557, CVSS: 9.1) The specific API of ZongYu Technology Parking Management System has a Missing Authentication vulnerability. Remote attackers without authentication can access specific API to operate system functions, including opening gates and restarting the system.
• Affected Platform:
  • Parking Management System
• Recommended Actions:
  • The affected product is no longer maintained. It is recommended to evaluate the adoption of alternative products.
• References:
  • ZongYu Technology Parking Management System - Missing Authentication: https://www.twcert.org.tw/tw/cp-132-10112-5de7e-1.html

Network System Division
Computer and Communication Center9