CVE-2019-25470 | THREATINT

Description

eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint. Attackers can send POST requests to /wrcgi.bin/wsdReadForm with base64-encoded partial credentials and a crafted wsdList parameter to extract encrypted passwords for all users, which can be decrypted using a hardcoded XOR key.

PUBLISHED Reserved 2026-02-22 | Published 2026-03-11 | Updated 2026-03-11 | Assigner VulnCheck

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

Use of Hard-coded Credentials

Product status

12.2 <= 13.0

affected

Credits

Photubias finder

References

www.exploit-db.com/exploits/47380 (ExploitDB-47380) exploit

www.ewon.biz (Official Product Homepage) product

www.vulncheck.com/...e-authentication-bypass-via-wsdreadform (VulnCheck Advisory: eWON Firmware 12.2-13.0 Authentication Bypass via wsdReadForm) third-party-advisory

cve.org (CVE-2019-25470)

nvd.nist.gov (CVE-2019-25470)

Download JSON