CVE-2025-2388 | Keytop 路内停车收费系统 2.7.1 API getParks improper authentication
A vulnerability was found in Keytop 路内停车收费系统 2.7.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saas/commonApi/park/getParks of the component API. The manipulation leads to improper authentication.
This vulnerability is known as CVE-2025-2388. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to apply restrictive firewalling.