Date:2025/05/19
【Vulnerability Alert】The specific API of ZongYu Technology Parking Management System has a vulnerability
* Subject Description: 【Vulnerability Alert】The specific API of ZongYu Technology Parking Management System has a vulnerability
- Description:
- Forwarded by Taiwan Computer Network Crisis Handling and Coordination Center TWCERTCC-200-202505-00000010
- [ZongYu Technology Parking Management System - Missing Authentication] (CVE-2025-4557, CVSS: 9.1) The specific API of ZongYu Technology Parking Management System has a Missing Authentication vulnerability. Remote attackers without authentication can access specific API to operate system functions, including opening gates and restarting the system.
- Affected Platform:
- Parking Management System
- Recommended Actions:
- The affected product is no longer maintained. It is recommended to evaluate the adoption of alternative products.
- References:
- ZongYu Technology Parking Management System - Missing Authentication: https://www.twcert.org.tw/tw/cp-132-10112-5de7e-1.html
Network System Division
Computer and Communication Center9
