Home
CRITICAL: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDefault status
unaffected
0.0.0 (semver) before 3.6.32
affected
Default status
unaffected
0.0.0 (semver) before 3.6.32
affected
Default status
unaffected
0.0.0 (semver) before 3.6.32
affected
Default status
unaffected
0.0.0 (semver) before 3.5.36
affected
Default status
unaffected
0.0.0 (semver) before 3.5.36
affected
Default status
unaffected
0.0.0 (semver) before 3.5.36
affected
Default status
unaffected
0.0.0 (semver) before 3.5.36
affected
Default status
unaffected
0.0.0 (semver) before 3.3.34
affected
Default status
unaffected
0.0.0 (semver) before 3.3.34
affected
Default status
unaffected
0.0.0 (semver) before 3.4.32
affected
Default status
unaffected
0.0.0 (semver) before 3.4.32
affected
Default status
unaffected
0.0.0 (semver) before 3.4.40
affected
Default status
unaffected
0.0.0 (semver) before 3.4.40
affected
Description
The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes, potentially compromising the device.
Problem types
Product status
0.0.0 (semver) before 3.6.32
0.0.0 (semver) before 3.6.32
0.0.0 (semver) before 3.6.32
0.0.0 (semver) before 3.5.36
0.0.0 (semver) before 3.5.36
0.0.0 (semver) before 3.5.36
0.0.0 (semver) before 3.5.36
0.0.0 (semver) before 3.3.34
0.0.0 (semver) before 3.3.34
0.0.0 (semver) before 3.4.32
0.0.0 (semver) before 3.4.32
0.0.0 (semver) before 3.4.40
0.0.0 (semver) before 3.4.40
References
certvde.com/en/advisories/VDE-2025-044/