{"id":76061,"date":"2025-09-22T05:24:36","date_gmt":"2025-09-22T05:24:36","guid":{"rendered":""},"modified":"2025-10-14T11:18:20","modified_gmt":"2025-10-14T17:18:20","slug":"cve-2025-50110-sensitive-information-exposure-in-avtech-eagleeyes-lite-2-0-0","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-50110-sensitive-information-exposure-in-avtech-eagleeyes-lite-2-0-0\/","title":{"rendered":"CVE-2025-50110: Sensitive Information Exposure in AVTECH EagleEyes Lite 2.0.0<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The Common Vulnerabilities and Exposures (CVE) system has identified a significant vulnerability, labelled as CVE-2025-50110, in AVTECH’s EagleEyes Lite 2.0.0 software. This issue, discovered in the GetHttpsResponse method, causes the transmission of sensitive information, including but not limited to internal server URLs, account IDs, passwords, and device tokens, in plaintext query parameters over HTTPS. This poses a serious threat to businesses, organizations, and individuals using the affected software due to the potential for system<\/a> compromise and data leakage.
\nThe severity of this vulnerability<\/a> is underlined by its high CVSS Severity Score of 8.8, indicating a major risk. Given the widespread use of AVTECH’s software, it is vital that users understand the nature of this vulnerability<\/a>, its potential impact, and the steps necessary for mitigation.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-50110
\nSeverity: High (8.8 CVSS)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: System Compromise<\/a>, Data Leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n