Date Posted: 2025/06/11

【Vulnerability Alert】Hongding Technology Smart Parking Management System Has 2 Major Security Vulnerabilities

  • Subject: 【Vulnerability Alert】Hongding Technology Smart Parking Management System Has 2 Major Security Vulnerabilities
  • Content:
    • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center TWCERTCC-200-202506-00000004
    • 【Hongding Technology Smart Parking Management System - Exposure of Sensitive Information】(CVE-2025-5893, CVSS: 9.8) The Hongding Technology Smart Parking Management System has an Exposure of Sensitive Information vulnerability. An unauthenticated remote attacker can access specific pages to obtain plaintext administrator account passwords.
    • 【Hongding Technology Smart Parking Management System - Missing Authorization】(CVE-2025-5894, CVSS: 8.8) The Hongding Technology Smart Parking Management System has a Missing Authorization vulnerability. A remote attacker who has obtained general privileges can access specific functions to add an administrator account and use that account to log in to the system.
  • Affected Platforms:
    • Smart Parking Management System versions 1.0 to 1.4
  • Suggested Measures:
    • Update to version 1.5 or later
  • References:
    1. https://www.twcert.org.tw/tw/cp-132-10167-39c6d-1.html
    2. https://www.twcert.org.tw/tw/cp-132-10170-e2435-1.html

Computer and Communications Center
Network Systems Division