CVE-2025-13955 | THREATINT

Description

Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers

PUBLISHED Reserved 2025-12-03 | Published 2025-12-10 | Updated 2026-05-28 | Assigner NCSC.ch

CRITICAL: 9.3CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/AU:Y/RE:L

Problem types

CWE-330 Use of Insufficiently Random Values

Product status

Default status

affected

Any version before 1.17478.177

affected

Credits

Swiss National Test Institute for Cybersecurity NTC finder

Swiss National Cybersecurity Centre coordinator

References

www.ncsc.admin.ch/...e-melden/cvd-cases/cvd-case-1-test.html government-resource

www.nimbletech.com.tw/index.php/release-note/ release-notes

cve.org (CVE-2025-13955)

nvd.nist.gov (CVE-2025-13955)

Download JSON