PatchSiren cyber security CVE debrief
CVE-2025-69114 ThemeREX CVE debrief
CVE-2025-69114 is an Unauthenticated Local File Inclusion vulnerability affecting MaxiNet versions less than or equal to 1.2.10. The vulnerability has a CVSS score of 8.1 and is classified as HIGH severity. This type of vulnerability could allow an attacker to access sensitive files on the system, potentially leading to unauthorized data disclosure or system compromise. Users of MaxiNet versions less than or equal to 1.2.10 should be aware of this vulnerability and take necessary actions to mitigate it.
- Vendor
- ThemeREX
- Product
- MaxiNet
- CVSS
- HIGH 8.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-17
- Original CVE updated
- 2026-06-17
- Advisory published
- 2026-06-17
- Advisory updated
- 2026-06-17
Who should care
Users of MaxiNet versions less than or equal to 1.2.10 should be aware of this vulnerability and take necessary actions to mitigate it. This includes reviewing official advisories, applying patches or updates, and monitoring for suspicious activity. Operators, administrators, and security teams responsible for MaxiNet deployments should prioritize patching or mitigating this vulnerability due to its high severity and potential impact.
Technical summary
The vulnerability is caused by an unauthenticated local file inclusion issue in MaxiNet versions less than or equal to 1.2.10. This could allow an attacker to access sensitive files on the system, potentially leading to unauthorized data disclosure or system compromise. The vulnerability has a CVSS score of 8.1, indicating high severity. Users should review official advisories and apply patches or updates to mitigate this vulnerability.
Defensive priority
High priority should be given to patching or mitigating this vulnerability due to its high severity and potential impact.
Recommended defensive actions
- Apply the patch or update to a version greater than 1.2.10
- Restrict access to sensitive files and directories
- Monitor for suspicious activity
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-06-17T13:19:17.383Z and last modified on 2026-06-17T14:45:15.717Z. The NVD entry is currently Deferred. The vulnerability has been reported in MaxiNet versions less than or equal to 1.2.10. Users should verify their deployments and review official advisories for affected scope and vendor guidance.
Official resources
-
CVE-2025-69114 CVE record
CVE.org
-
CVE-2025-69114 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T13:19:17.383Z and has not been modified since then. The NVD entry is currently Deferred.