CWE-1393
Use of Default Password
The product uses default passwords for potentially critical functionality.
CVE-2023-45249 (GCVE-0-2023-45249)
Vulnerability from cvelistv5
Published
2024-07-24 14:03
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Acronis | Acronis Cyber Infrastructure |
Version: unspecified ≤ |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cyber_infrastructure",
"vendor": "acronis",
"versions": [
{
"lessThan": "5.0.1-61",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.1.1-71",
"status": "affected",
"version": "5.1.1",
"versionType": "semver"
},
{
"lessThan": "5.2.1-69",
"status": "affected",
"version": "5.2.1",
"versionType": "semver"
},
{
"lessThan": "5.3.1-53",
"status": "affected",
"version": "5.3.1",
"versionType": "semver"
},
{
"lessThan": "5.4.4-132",
"status": "affected",
"version": "5.4.4",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cyber_infrastructure",
"vendor": "acronis",
"versions": [
{
"lessThan": "5.0.1-61",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.1.1-71",
"status": "affected",
"version": "5.1.1",
"versionType": "semver"
},
{
"lessThan": "5.2.1-69",
"status": "affected",
"version": "5.2.1",
"versionType": "semver"
},
{
"lessThan": "5.3.1-53",
"status": "affected",
"version": "5.3.1",
"versionType": "semver"
},
{
"lessThan": "5.4.4-132",
"status": "affected",
"version": "5.4.4",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cyber_infrastructure",
"vendor": "acronis",
"versions": [
{
"lessThan": "5.0.1-61",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.1.1-71",
"status": "affected",
"version": "5.1.1",
"versionType": "semver"
},
{
"lessThan": "5.2.1-69",
"status": "affected",
"version": "5.2.1",
"versionType": "semver"
},
{
"lessThan": "5.3.1-53",
"status": "affected",
"version": "5.3.1",
"versionType": "semver"
},
{
"lessThan": "5.4.4-132",
"status": "affected",
"version": "5.4.4",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cyber_infrastructure",
"vendor": "acronis",
"versions": [
{
"lessThan": "5.0.1-61",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.1.1-71",
"status": "affected",
"version": "5.1.1",
"versionType": "semver"
},
{
"lessThan": "5.2.1-69",
"status": "affected",
"version": "5.2.1",
"versionType": "semver"
},
{
"lessThan": "5.3.1-53",
"status": "affected",
"version": "5.3.1",
"versionType": "semver"
},
{
"lessThan": "5.4.4-132",
"status": "affected",
"version": "5.4.4",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cyber_infrastructure",
"vendor": "acronis",
"versions": [
{
"lessThan": "5.0.1-61",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.1.1-71",
"status": "affected",
"version": "5.1.1",
"versionType": "semver"
},
{
"lessThan": "5.2.1-69",
"status": "affected",
"version": "5.2.1",
"versionType": "semver"
},
{
"lessThan": "5.3.1-53",
"status": "affected",
"version": "5.3.1",
"versionType": "semver"
},
{
"lessThan": "5.4.4-132",
"status": "affected",
"version": "5.4.4",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45249",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T03:55:10.296968Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-29",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-45249"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:36.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-29T00:00:00+00:00",
"value": "CVE-2023-45249 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:14:19.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SEC-6452",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-6452"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"ACI"
],
"product": "Acronis Cyber Infrastructure",
"vendor": "Acronis",
"versions": [
{
"lessThan": "5.0.1-61",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"ACI"
],
"product": "Acronis Cyber Infrastructure",
"vendor": "Acronis",
"versions": [
{
"lessThan": "5.1.1-71",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"ACI"
],
"product": "Acronis Cyber Infrastructure",
"vendor": "Acronis",
"versions": [
{
"lessThan": "5.2.1-69",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"ACI"
],
"product": "Acronis Cyber Infrastructure",
"vendor": "Acronis",
"versions": [
{
"lessThan": "5.3.1-53",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"ACI"
],
"product": "Acronis Cyber Infrastructure",
"vendor": "Acronis",
"versions": [
{
"lessThan": "5.4.4-132",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1393",
"description": "CWE-1393",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T22:26:15.624Z",
"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"shortName": "Acronis"
},
"references": [
{
"name": "SEC-6452",
"tags": [
"vendor-advisory"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-6452"
},
{
"url": "https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"assignerShortName": "Acronis",
"cveId": "CVE-2023-45249",
"datePublished": "2024-07-24T14:03:56.481Z",
"dateReserved": "2023-10-05T21:47:00.379Z",
"dateUpdated": "2025-07-30T01:36:36.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13966 (GCVE-0-2024-13966)
Vulnerability from cvelistv5
Published
2025-05-27 18:35
Modified
2025-07-14 14:58
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-1393 - Use of Default Password
Summary
ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value '123456'. Users should change their passwords (located under the Attendance Settings tab as "Self-Password").
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13966",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T19:11:38.601344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T19:13:08.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-07-14T14:58:38.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.zkteco.com/en/Security_Bulletinsibs/18"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "BioTime",
"vendor": "ZKTeco",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"datePublic": "2024-03-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value \u0027123456\u0027. Users should change their passwords (located under the Attendance Settings tab as \"Self-Password\")."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
}
},
{
"other": {
"content": {
"id": "CVE-2024-13966",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T18:35:12.241202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1393",
"description": "CWE-1393 Use of Default Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T19:08:03.803Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://krashconsulting.com/fury-of-fingers-biotime-rce/"
},
{
"name": "url",
"url": "https://zkteco-store.ru/wp-content/uploads/2023/09/ZKBio-CVSecurity-6.0.0-User-Manual_EN-v1.0_20230616.pdf"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13966"
},
{
"name": "url",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-148-01.json"
}
],
"title": "ZKTeco BioTime default password"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2024-13966",
"datePublished": "2025-05-27T18:35:31.706Z",
"dateReserved": "2025-05-23T16:23:34.914Z",
"dateUpdated": "2025-07-14T14:58:38.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51555 (GCVE-0-2024-51555)
Vulnerability from cvelistv5
Published
2024-12-05 12:59
Modified
2025-08-28 14:38
Severity ?
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
VLAI Severity ?
EPSS score ?
CWE
- CWE-1393 - Use of Default Password
Summary
Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.
Affected products:
ABB ASPECT - Enterprise v3.07.02;
NEXUS Series v3.07.02;
MATRIX Series v3.07.02
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | ABB | ASPECT-Enterprise |
Version: 0 < |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51555",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:28:57.223663Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:38:07.783Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "ASPECT-Enterprise",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "3.07.02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "NEXUS Series",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "3.07.02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "MATRIX Series",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "3.07.02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.\u0026nbsp;\u003cbr\u003eAffected products:\u003cbr\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eABB ASPECT - Enterprise v3.07.02; \u003cbr\u003eNEXUS Series v3.07.02; \u003cbr\u003eMATRIX Series v3.07.02\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.\u00a0\nAffected products:\n\n\nABB ASPECT - Enterprise v3.07.02; \nNEXUS Series v3.07.02; \nMATRIX Series v3.07.02"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1393",
"description": "CWE-1393 Use of Default Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T12:59:44.713Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Force Change of Default Credentials",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-51555",
"datePublished": "2024-12-05T12:59:44.713Z",
"dateReserved": "2024-10-29T11:48:58.139Z",
"dateUpdated": "2025-08-28T14:38:07.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43021 (GCVE-0-2025-43021)
Vulnerability from cvelistv5
Published
2025-07-22 23:03
Modified
2025-07-23 20:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1393 - Use of Default Password
Summary
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | Poly Clariti Manager |
Version: See HP Security Bulletin reference for affected versions. |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43021",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-23T20:08:55.434389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T20:09:03.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Poly Clariti Manager",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eA potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update.\u003c/span\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1393",
"description": "CWE-1393: Use of Default Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T23:11:58.549Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Poly Clariti Manager - Multiple Security Vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2025-43021",
"datePublished": "2025-07-22T23:03:32.074Z",
"dateReserved": "2025-04-16T13:49:21.689Z",
"dateUpdated": "2025-07-23T20:09:03.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9589 (GCVE-0-2025-9589)
Vulnerability from cvelistv5
Published
2025-08-28 21:32
Modified
2025-08-29 17:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1393 - Use of Default Password
Summary
A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
References
| ▼ | URL | Tags |
|---|---|---|
| https://vuldb.com/?id.321761 | vdb-entry | |
| https://vuldb.com/?ctiid.321761 | signature, permissions-required | |
| https://vuldb.com/?submit.636138 | third-party-advisory | |
| https://github.com/ZZ2266/.github.io/tree/main/Cudy | related | |
| https://github.com/ZZ2266/.github.io/tree/main/Cudy#steps-to-reproduce | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9589",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T17:04:50.330403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T17:06:04.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WR1200EA",
"vendor": "Cudy",
"versions": [
{
"status": "affected",
"version": "2.3.7-20250113-121810"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "n0ps1ed (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Cudy WR1200EA 2.3.7-20250113-121810 entdeckt. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /etc/shadow. Die Bearbeitung verursacht use of default password. Der Angriff hat dabei lokal zu erfolgen. Ein Angriff erfordert eine vergleichsweise hohe Komplexit\u00e4t. Die Ausnutzbarkeit gilt als schwierig. Der Exploit wurde der \u00d6ffentlichkeit bekannt gemacht und k\u00f6nnte verwendet werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1,
"vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1393",
"description": "Use of Default Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T21:32:07.077Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-321761 | Cudy WR1200EA shadow default password",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.321761"
},
{
"name": "VDB-321761 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.321761"
},
{
"name": "Submit #636138 | Cudy Cudy WR1200EA Router 2.3.7 Password Hash With Insufficient Computational Effort",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.636138"
},
{
"tags": [
"related"
],
"url": "https://github.com/ZZ2266/.github.io/tree/main/Cudy"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/ZZ2266/.github.io/tree/main/Cudy#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-08-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-08-28T16:47:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "Cudy WR1200EA shadow default password"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-9589",
"datePublished": "2025-08-28T21:32:07.077Z",
"dateReserved": "2025-08-28T14:42:15.410Z",
"dateUpdated": "2025-08-29T17:06:04.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Requirements
Description:
- Prohibit use of default, hard-coded, or other values that do not vary for each installation of the product - especially for separate organizations.
Mitigation
Phase: Documentation
Description:
- Ensure that product documentation clearly emphasizes the presence of default passwords and provides steps for the administrator to change them.
Mitigation
Phase: Architecture and Design
Description:
- Force the administrator to change the credential upon installation.
Mitigation
Phases: Installation, Operation
Description:
- The product administrator could change the defaults upon installation or during operation.
No CAPEC attack patterns related to this CWE.