CVE-2025-3654 - Petlibro Smart Pet Feeder Platform through 1.7.31 Information Disclosure via API

CVE ID : CVE-2025-3654 Published : Jan. 4, 2026, 12:15 a.m. | 17 minutes ago Description : Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to device hardware information by exploiting insecure API endpoints. Attackers can retrieve device serial numbers and MAC addresses through /device/devicePetRelation/getBoundDevices using pet IDs, enabling full device control without proper authorization checks. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Source: Telegram CVE Monitor