What is CVE-2025-3652?

CVE-2025-3652 is a medium-severity vulnerability in Petlibrio Smart Pet Feeder Platform, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 5.3/10. Published 2026-01-03.

How severe is CVE-2025-3652?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Petlibrio Smart Pet Feeder Platform

CVE-2025-3652

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Att…

EPSS: 0.000 (11.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Petlibrio Smart Pet Feeder Platform — versions Unknown

Weakness classification (CWE)

CWE-288 — Authentication Bypass Using an Alternate Path or Channel

References

Security Research: Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks (third-party-advisory, technical-description)
VulnCheck Advisory: Petlibro Smart Pet Feeder Platform through 1.7.31 Audio Information Disclosure via API endpoint (third-party-advisory)

Frequently asked questions

What is CVE-2025-3652?: CVE-2025-3652 is a medium-severity vulnerability in Petlibrio Smart Pet Feeder Platform, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 5.3/10. Published 2026-01-03.
How severe is CVE-2025-3652?: Medium severity. CVSS v3 base score is 5.3 out of 10.