1. Home
  2. CVE Database
  3. CVE-2025-20620
HIGH · 7.5

CVE-2025-20620

SQL Injection vulnerability exists in STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may obtain the administrative password of the web management pag...

Vulnerability Description

SQL Injection vulnerability exists in STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may obtain the administrative password of the web management page.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Related Weaknesses (CWE)

CWE-89

References

FAQ

What is CVE-2025-20620?

CVE-2025-20620 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL Injection vulnerability exists in STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may obtain the administrative password of the web management pag...

How severe is CVE-2025-20620?

CVE-2025-20620 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-20620?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.