CVE Catalog
CVE-2025-44619
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk0.40%
32th percentile - higher than 32% of all known CVEs
Summary
The Tinxy WiFi Lock Controller v1 RF was found configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication.
Risk Assessment
Attackers can gain unauthorized network access, intercept traffic, or remotely manipulate the lock, posing risks to physical security and data integrity.
Recommendation
Reconfigure the controller to use a secured Wi-Fi network (e.g., WPA2/WPA3) and update the firmware to the latest version.
Original NVD description (English source)
Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication.

