CWE-259
AllowedUse of Hard-coded Password
Abstraction: Variant · Status: Draft
The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
315 vulnerabilities reference this CWE, most recent first.
CVE-2025-54754 (GCVE-0-2025-54754)
Vulnerability from cvelistv5 – Published: 2025-09-18 21:06 – Updated: 2025-09-19 13:04| Vendor | Product | Version | |
|---|---|---|---|
| Cognex | In-Sight 2000 series |
Affected:
5.x , ≤ 6.5.1
(custom)
|
|
| Cognex | In-Sight 7000 series |
Affected:
5.x , ≤ 6.5.1
(custom)
|
|
| Cognex | In-Sight 8000 series |
Affected:
5.x , ≤ 6.5.1
(custom)
|
|
| Cognex | In-Sight 9000 series |
Affected:
5.x , ≤ 6.5.1
(custom)
|
|
| Cognex | In-Sight Explorer |
Affected:
5.x , ≤ 6.5.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54754",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T13:03:56.638904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T13:04:14.180Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "In-Sight 2000 series",
"vendor": "Cognex",
"versions": [
{
"lessThanOrEqual": "6.5.1",
"status": "affected",
"version": "5.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "In-Sight 7000 series",
"vendor": "Cognex",
"versions": [
{
"lessThanOrEqual": "6.5.1",
"status": "affected",
"version": "5.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "In-Sight 8000 series",
"vendor": "Cognex",
"versions": [
{
"lessThanOrEqual": "6.5.1",
"status": "affected",
"version": "5.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "In-Sight 9000 series",
"vendor": "Cognex",
"versions": [
{
"lessThanOrEqual": "6.5.1",
"status": "affected",
"version": "5.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "In-Sight Explorer",
"vendor": "Cognex",
"versions": [
{
"lessThanOrEqual": "6.5.1",
"status": "affected",
"version": "5.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Giubertoni of Nozomi Networks reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker with adjacent access, without authentication, can exploit \nthis vulnerability to retrieve a hard-coded password embedded in \npublicly available software. This password can then be used to decrypt \nsensitive network traffic, affecting the Cognex device."
}
],
"value": "An attacker with adjacent access, without authentication, can exploit \nthis vulnerability to retrieve a hard-coded password embedded in \npublicly available software. This password can then be used to decrypt \nsensitive network traffic, affecting the Cognex device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T21:06:15.053Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-06"
}
],
"source": {
"advisory": "ICSA-25-261-06",
"discovery": "EXTERNAL"
},
"title": "Cognex In-Sight Explorer and In-Sight Camera Firmware Use of Hard-coded Password",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cognex reports that In-Sight Explorer based vision systems are legacy \nproducts not intended for new applications. To reduce risk, asset owners\n are advised to switch to next generation In-Sight Vision Suite based \nvision systems, such as the In-Sight 2800, In-Sight 3800, In-Sight 8900 \nseries embedded cameras.\n\n\u003cbr\u003e"
}
],
"value": "Cognex reports that In-Sight Explorer based vision systems are legacy \nproducts not intended for new applications. To reduce risk, asset owners\n are advised to switch to next generation In-Sight Vision Suite based \nvision systems, such as the In-Sight 2800, In-Sight 3800, In-Sight 8900 \nseries embedded cameras."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-54754",
"datePublished": "2025-09-18T21:06:15.053Z",
"dateReserved": "2025-08-06T16:32:41.245Z",
"dateUpdated": "2025-09-19T13:04:14.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47823 (GCVE-0-2025-47823)
Vulnerability from cvelistv5 – Published: 2025-06-27 00:00 – Updated: 2025-09-02 16:13- CWE-259 - Use of Hard-coded Password
| Vendor | Product | Version | |
|---|---|---|---|
| Flock Safety | License Plate Reader |
Affected:
0 , ≤ 2.2
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-30T18:50:10.052853Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T18:50:27.757Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "License Plate Reader",
"vendor": "Flock Safety",
"versions": [
{
"lessThanOrEqual": "2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have a hardcoded password for a system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T16:13:25.835Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert"
},
{
"url": "https://gainsec.com/2025/06/19/bird-hunting-season-security-research-on-flock-safety-anti-crime-systems/"
},
{
"url": "https://gainsec.com/2025/06/19/grounded-flight-device-2-root-shell-on-flock-safetys-falcon-sparrow-automated-license-plate-reader/"
},
{
"url": "https://gainsec.com/wp-content/uploads/2025/06/flock-safety-researcher-summary.pdf"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-47823",
"datePublished": "2025-06-27T00:00:00.000Z",
"dateReserved": "2025-05-10T00:00:00.000Z",
"dateUpdated": "2025-09-02T16:13:25.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47821 (GCVE-0-2025-47821)
Vulnerability from cvelistv5 – Published: 2025-06-27 00:00 – Updated: 2025-09-02 16:27- CWE-259 - Use of Hard-coded Password
| Vendor | Product | Version | |
|---|---|---|---|
| Flock Safety | Gunshot Detection devices |
Affected:
0 , < 1.3
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-30T18:51:31.466750Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T18:56:27.541Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Gunshot Detection devices",
"vendor": "Flock Safety",
"versions": [
{
"lessThan": "1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flock Safety Gunshot Detection devices before 1.3 have a hardcoded password for a system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T16:27:32.117Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert"
},
{
"url": "https://gainsec.com/2025/06/19/bird-hunting-season-security-research-on-flock-safety-anti-crime-systems/"
},
{
"url": "https://gainsec.com/wp-content/uploads/2025/06/flock-safety-researcher-summary.pdf"
},
{
"url": "https://gainsec.com/2025/06/19/plucked-and-rooted-device-1-debug-shell-on-flock-safetys-raven-gunshot-detection-system/"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-47821",
"datePublished": "2025-06-27T00:00:00.000Z",
"dateReserved": "2025-05-10T00:00:00.000Z",
"dateUpdated": "2025-09-02T16:27:32.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47818 (GCVE-0-2025-47818)
Vulnerability from cvelistv5 – Published: 2025-06-27 00:00 – Updated: 2025-09-02 16:22- CWE-259 - Use of Hard-coded Password
| Vendor | Product | Version | |
|---|---|---|---|
| Flock Safety | Gunshot Detection devices |
Affected:
0 , < 1.3
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-30T18:51:56.475838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T18:54:49.995Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Gunshot Detection devices",
"vendor": "Flock Safety",
"versions": [
{
"lessThan": "1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flock Safety Gunshot Detection devices before 1.3 have a hard-coded password for a connection."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T16:22:58.439Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert"
},
{
"url": "https://gainsec.com/2025/06/19/bird-hunting-season-security-research-on-flock-safety-anti-crime-systems/"
},
{
"url": "https://gainsec.com/wp-content/uploads/2025/06/flock-safety-researcher-summary.pdf"
},
{
"url": "https://gainsec.com/2025/06/19/plucked-and-rooted-device-1-debug-shell-on-flock-safetys-raven-gunshot-detection-system/"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-47818",
"datePublished": "2025-06-27T00:00:00.000Z",
"dateReserved": "2025-05-10T00:00:00.000Z",
"dateUpdated": "2025-09-02T16:22:58.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-44955 (GCVE-0-2025-44955)
Vulnerability from cvelistv5 – Published: 2025-08-04 00:00 – Updated: 2025-11-03 20:04- CWE-259 - Use of Hard-coded Password
| Vendor | Product | Version | |
|---|---|---|---|
| RUCKUS | Network Director |
Affected:
0 , < 4.5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-44955",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-04T16:25:47.910155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-04T16:50:39.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:04:12.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/613753"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Network Director",
"vendor": "RUCKUS",
"versions": [
{
"lessThan": "4.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-04T15:56:50.694Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://kb.cert.org/vuls/id/613753"
},
{
"url": "https://claroty.com/team82/disclosure-dashboard/cve-2025-44955"
},
{
"url": "https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-44955",
"datePublished": "2025-08-04T00:00:00.000Z",
"dateReserved": "2025-04-22T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:04:12.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-36609 (GCVE-0-2025-36609)
Vulnerability from cvelistv5 – Published: 2025-07-30 18:14 – Updated: 2025-07-30 18:31- CWE-259 - Use of Hard-coded Password
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00034619… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | SmartFabric OS10 Software |
Affected:
N/A , < 10.6.0.5
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-36609",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T18:30:48.438199Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T18:31:00.614Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SmartFabric OS10 Software",
"vendor": "Dell",
"versions": [
{
"lessThan": "10.6.0.5",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-07-17T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.\u003cbr\u003e"
}
],
"value": "Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259: Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T18:14:01.641Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000346195/dsa-2025-259-security-update-for-dell-networking-os10-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2025-36609",
"datePublished": "2025-07-30T18:14:01.641Z",
"dateReserved": "2025-04-15T21:32:46.456Z",
"dateUpdated": "2025-07-30T18:31:00.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20286 (GCVE-0-2025-20286)
Vulnerability from cvelistv5 – Published: 2025-06-04 16:18 – Updated: 2025-06-05 18:08- CWE-259 - Use of Hard-coded Password
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.1.0
Affected: 3.1.0 p1 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.2.0 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.2.0 p1 Affected: 3.1.0 p6 Affected: 3.2.0 p2 Affected: 3.1.0 p7 Affected: 3.3.0 Affected: 3.2.0 p3 Affected: 3.2.0 p4 Affected: 3.1.0 p8 Affected: 3.2.0 p5 Affected: 3.2.0 p6 Affected: 3.1.0 p9 Affected: 3.3 Patch 2 Affected: 3.3 Patch 1 Affected: 3.3 Patch 3 Affected: 3.4.0 Affected: 3.2.0 p7 Affected: 3.3 Patch 4 Affected: 3.4 Patch 1 Affected: 3.1.0 p10 Affected: 3.3 Patch 5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20286",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T18:12:31.436423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T18:19:18.634Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.2.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p8"
},
{
"status": "affected",
"version": "3.2.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p9"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.2.0 p7"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.4 Patch 1"
},
{
"status": "affected",
"version": "3.1.0 p10"
},
{
"status": "affected",
"version": "3.3 Patch 5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.\r\n\r\nThis vulnerability exists because credentials are improperly generated when Cisco ISE is being deployed on cloud platforms, resulting in different Cisco ISE deployments sharing the same credentials. These credentials are shared across multiple Cisco ISE deployments as long as the software release and cloud platform are the same. An attacker could exploit this vulnerability by extracting the user credentials from Cisco ISE that is deployed in the cloud and then using them to access Cisco ISE that is deployed in other cloud environments through unsecured ports. A successful exploit could allow the attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.\r\nNote: If the Primary Administration node is deployed in the cloud, then Cisco ISE is affected by this vulnerability. If the Primary Administration node is on-premises, then it is not affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "Use of Hard-coded Password",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-05T18:08:01.160Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-aws-static-cred-FPMjUcm7",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-aws-static-cred-FPMjUcm7"
}
],
"source": {
"advisory": "cisco-sa-ise-aws-static-cred-FPMjUcm7",
"defects": [
"CSCwn63400"
],
"discovery": "EXTERNAL"
},
"title": "ISE on AWS Static Credential"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20286",
"datePublished": "2025-06-04T16:18:30.929Z",
"dateReserved": "2024-10-10T19:15:13.251Z",
"dateUpdated": "2025-06-05T18:08:01.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-15371 (GCVE-0-2025-15371)
Vulnerability from cvelistv5 – Published: 2025-12-31 01:02 – Updated: 2026-01-02 14:38| URL | Tags |
|---|---|
| https://vuldb.com/?id.339075 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.339075 | signaturepermissions-required |
| https://vuldb.com/?submit.727155 | third-party-advisory |
| https://vuldb.com/?submit.727283 | third-party-advisory |
| https://vuldb.com/?submit.727284 | third-party-advisory |
| https://vuldb.com/?submit.727285 | third-party-advisory |
| https://vuldb.com/?submit.727302 | third-party-advisory |
| https://vuldb.com/?submit.727305 | third-party-advisory |
| https://vuldb.com/?submit.727306 | third-party-advisory |
| https://github.com/vuln-1/vuln/blob/main/Tenda/i2… | exploit |
| https://www.tenda.com.cn/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| Tenda | i24 |
Affected:
1.0.0.35
Affected: 3.0.0.8(4008) Affected: 04.03.01.49 Affected: 04.05.01.15 Affected: 04.08.01.28 Affected: 16.01.8.5 Affected: 65.10.15.6 |
|
| Tenda | 4G03 Pro |
Affected:
1.0.0.35
Affected: 3.0.0.8(4008) Affected: 04.03.01.49 Affected: 04.05.01.15 Affected: 04.08.01.28 Affected: 16.01.8.5 Affected: 65.10.15.6 |
|
| Tenda | 4G05 |
Affected:
1.0.0.35
Affected: 3.0.0.8(4008) Affected: 04.03.01.49 Affected: 04.05.01.15 Affected: 04.08.01.28 Affected: 16.01.8.5 Affected: 65.10.15.6 |
|
| Tenda | 4G08 |
Affected:
1.0.0.35
Affected: 3.0.0.8(4008) Affected: 04.03.01.49 Affected: 04.05.01.15 Affected: 04.08.01.28 Affected: 16.01.8.5 Affected: 65.10.15.6 |
|
| Tenda | G0-8G-PoE |
Affected:
1.0.0.35
Affected: 3.0.0.8(4008) Affected: 04.03.01.49 Affected: 04.05.01.15 Affected: 04.08.01.28 Affected: 16.01.8.5 Affected: 65.10.15.6 |
|
| Tenda | Nova MW5G |
Affected:
1.0.0.35
Affected: 3.0.0.8(4008) Affected: 04.03.01.49 Affected: 04.05.01.15 Affected: 04.08.01.28 Affected: 16.01.8.5 Affected: 65.10.15.6 |
|
| Tenda | TEG5328F |
Affected:
1.0.0.35
Affected: 3.0.0.8(4008) Affected: 04.03.01.49 Affected: 04.05.01.15 Affected: 04.08.01.28 Affected: 16.01.8.5 Affected: 65.10.15.6 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T14:22:55.128847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:38:01.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Shadow File"
],
"product": "i24",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "4G03 Pro",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "4G05",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "4G08",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "G0-8G-PoE",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "Nova MW5G",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "TEG5328F",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "vlun-1 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T01:02:06.989Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-339075 | Tenda i24 Shadow File hard-coded credentials",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.339075"
},
{
"name": "VDB-339075 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.339075"
},
{
"name": "Submit #727155 | Tenda Tenda i24v3.0 V3.0.0.8(4008) V3.0.0.8(4008) Hard-coded Credentials",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727155"
},
{
"name": "Submit #727283 | Tenda 4G03ProV1.0re V04.03.01.49 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727283"
},
{
"name": "Submit #727284 | Tenda 4G05V1.0re V04.05.01.15 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727284"
},
{
"name": "Submit #727285 | Tenda 4G08V1.0re V04.08.01.28 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727285"
},
{
"name": "Submit #727302 | Tenda G0-8G-PoEV2.0si V16.01.8.5 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727302"
},
{
"name": "Submit #727305 | Tenda MW5GV1.0re V1.0.0.35 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727305"
},
{
"name": "Submit #727306 | Tenda TEG5328FV1.0ma V65.10.15.6 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727306"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/vuln-1/vuln/blob/main/Tenda/i24v3.0_V3.0.0.8/report-1.md"
},
{
"tags": [
"product"
],
"url": "https://www.tenda.com.cn/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-30T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-12-30T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-12-30T19:37:46.000Z",
"value": "VulDB entry last update"
}
],
"title": "Tenda i24 Shadow File hard-coded credentials"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15371",
"datePublished": "2025-12-31T01:02:06.989Z",
"dateReserved": "2025-12-30T17:35:13.980Z",
"dateUpdated": "2026-01-02T14:38:01.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15111 (GCVE-0-2025-15111)
Vulnerability from cvelistv5 – Published: 2025-12-30 22:41 – Updated: 2026-03-11 19:30 Unsupported When Assigned- CWE-259 - Use of hard-coded password
| URL | Tags |
|---|---|
| https://www.zeroscience.mk/en/vulnerabilities/ZSL… | third-party-advisory |
| https://packetstorm.news/files/id/190180/ | exploit |
| https://www.kseniasecurity.com/ | product |
| https://www.vulncheck.com/advisories/ksenia-secur… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Ksenia Security S.p.A. | lares |
Affected:
1.6
Affected: 1.0.0.15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15111",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T14:24:12.604643Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:38:46.666Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5927.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "lares",
"vendor": "Ksenia Security S.p.A.",
"versions": [
{
"status": "affected",
"version": "1.6"
},
{
"status": "affected",
"version": "1.0.0.15"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mencha Isajlovska of Zero Science Lab"
}
],
"datePublic": "2025-03-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan\u003eKsenia Security lares (legacy model)\u003c/span\u003e\u0026nbsp;version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system.\u003c/p\u003e"
}
],
"value": "Ksenia Security lares (legacy model)\u00a0version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of hard-coded password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T19:30:33.994Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Zero Science Lab Disclosure (ZSL-2025-5927)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5927.php"
},
{
"name": "Packet Storm Security Exploit Entry",
"tags": [
"exploit"
],
"url": "https://packetstorm.news/files/id/190180/"
},
{
"name": "Ksenia Security Vendor Homepage",
"tags": [
"product"
],
"url": "https://www.kseniasecurity.com/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/ksenia-security-lares-home-automation-default-credentials-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Ksenia Security lares Home Automation 1.6 Default Credentials Vulnerability",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-15111",
"datePublished": "2025-12-30T22:41:45.831Z",
"dateReserved": "2025-12-27T01:44:38.682Z",
"dateUpdated": "2026-03-11T19:30:33.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14126 (GCVE-0-2025-14126)
Vulnerability from cvelistv5 – Published: 2025-12-06 10:02 – Updated: 2025-12-08 17:14| URL | Tags |
|---|---|
| https://vuldb.com/?id.334521 | vdb-entry |
| https://vuldb.com/?ctiid.334521 | signaturepermissions-required |
| https://vuldb.com/?submit.697498 | third-party-advisory |
| https://youtu.be/o8rfjSlpRxY | exploitmedia-coverage |
| Vendor | Product | Version | |
|---|---|---|---|
| TOZED | ZLT M30S |
Affected:
1.47
Affected: 3.09.06 |
|
| TOZED | ZLT M30S PRO |
Affected:
1.47
Affected: 3.09.06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-08T17:07:30.732362Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-08T17:14:25.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Web Interface"
],
"product": "ZLT M30S",
"vendor": "TOZED",
"versions": [
{
"status": "affected",
"version": "1.47"
},
{
"status": "affected",
"version": "3.09.06"
}
]
},
{
"modules": [
"Web Interface"
],
"product": "ZLT M30S PRO",
"vendor": "TOZED",
"versions": [
{
"status": "affected",
"version": "1.47"
},
{
"status": "affected",
"version": "3.09.06"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "S33K3R (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. Affected is an unknown function of the component Web Interface. Such manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-06T10:02:05.279Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-334521 | TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.334521"
},
{
"name": "VDB-334521 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.334521"
},
{
"name": "Submit #697498 | ZLT M30S \u0026 M30S PRO MTNNGRM30S_1.47, M30SPRO_3.09.06 (Other versions might be vulnerable) Backdoor Credentials",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.697498"
},
{
"tags": [
"exploit",
"media-coverage"
],
"url": "https://youtu.be/o8rfjSlpRxY"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-05T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-12-05T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-12-05T18:03:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-14126",
"datePublished": "2025-12-06T10:02:05.279Z",
"dateReserved": "2025-12-05T16:58:25.370Z",
"dateUpdated": "2025-12-08T17:14:25.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
For outbound authentication: store passwords outside of the code in a strongly-protected, encrypted configuration file or database that is protected from access by all outsiders, including other local users on the same system. Properly protect the key (CWE-320). If you cannot use encryption to protect the file, then make sure that the permissions are as restrictive as possible.
Mitigation
For inbound authentication: Rather than hard-code a default username and password for first time logins, utilize a "first login" mode that requires the user to enter a unique strong password.
Mitigation
Perform access control checks and limit which entities can access the feature that requires the hard-coded password. For example, a feature might only be enabled through the system console instead of through a network connection.
Mitigation
- For inbound authentication: apply strong one-way hashes to your passwords and store those hashes in a configuration file or database with appropriate access control. That way, theft of the file/database still requires the attacker to try to crack the password. When receiving an incoming password during authentication, take the hash of the password and compare it to the hash that you have saved.
- Use randomly assigned salts for each separate hash that you generate. This increases the amount of computation that an attacker needs to conduct a brute-force attack, possibly limiting the effectiveness of the rainbow table method.
Mitigation
For front-end to back-end connections: Three solutions are possible, although none are complete.
No CAPEC attack patterns related to this CWE.