From the provided screenshot, we can extract the following key information about the vulnerability: Vulnerability Title: Akuvox Smart Intercom S539 Improper Access Control via ServicesHTTPAPI Severity: HIGH Release Date: December 30, 2025 Affected Products: Akuvox Smart Doorphone S539, S532, X916, X915, X912, X916 Akuvox Smart Intercom R20K-2, R20A-2, C313W-2, NS-2, NC-2, NX-2 Vulnerability ID and Classification: ZSL-2024-58337 CWE-862 Missing Authorization CVSS Score: CVSS: 4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N References: Zero Science Lab disclosure (ZSL-2024-5862) Packet Storm Security Exploit Entry CXSecurity Vulnerability Listing Vulnerability Description: Akuvox Smart Intercom S539 contains an improper access control vulnerability that allows users with 'User' privileges to modify API access settings and configurations. Attackers can exploit this vulnerability to escalate privileges and gain unauthorized access to administrative functionalities. Reporter: LiquidWorm as Gjoko Krstic of Zero Science Lab