PatchSiren cyber security CVE debrief
CVE-2025-7630 Doruk Communication and Automation Industry and Trade Inc. CVE debrief
CVE-2025-7630 is a MEDIUM-severity vulnerability (CVSS Score: 5.3) affecting Doruk Communication and Automation Industry and Trade Inc.'s Wispotter product. The vulnerability, classified as CWE-287 and CWE-307, allows for Password Brute Forcing and Brute Force attacks due to Improper Restriction of Excessive Authentication Attempts and Improper Authentication.
- Vendor
- Doruk Communication and Automation Industry and Trade Inc.
- Product
- Wispotter
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-18
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-02-18
- Advisory updated
- 2026-06-05
Who should care
Users of Wispotter versions from 1.0 up to but not including v2025.10.08.1 should apply patches or mitigations to prevent brute-force attacks.
Technical summary
The vulnerability affects Wispotter from version 1.0 up to but not including v2025.10.08.1. It allows attackers to perform brute-force attacks due to inadequate authentication mechanisms.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply the patch or update to Wispotter version v2025.10.08.1 or later.
- Implement additional security measures such as rate limiting on authentication attempts.
- Monitor for suspicious authentication activity.
Evidence notes
Evidence from official sources indicates this vulnerability was published on 2026-02-18T13:16:19.677Z and last modified on 2026-06-05T15:16:44.937Z.
Official resources
CVE-2025-7630 was published on 2026-02-18T13:16:19.677Z and last modified on 2026-06-05T15:16:44.937Z.