CVE-2025-11190

Description

The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website.

INFO

Published Date :

2025-10-10T11:03:33.596Z

Last Modified :

2025-11-03T17:31:41.247Z

Source :

certcc

AFFECTED PRODUCTS

The following products are affected by CVE-2025-11190 vulnerability.

Vendors	Products
Synchroweb	Kiwire

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-11190.

URL	Resource
https://www.kb.cert.org/vuls/id/887923
https://www.synchroweb.com/release-notes/kiwire/security

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact