CVE-2025-48413 | THREATINT

Description

The `/etc/passwd` and `/etc/shadow` files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device. Authentication can be performed via SSH backdoor or likely via physical access (UART shell).

PUBLISHED Reserved 2025-05-20 | Published 2025-05-21 | Updated 2025-11-03 | Assigner SEC-VLab

Problem types

CWE-798 Use of Hard-coded Credentials

Product status

Default status

affected

<=2.2.0

affected

Credits

Stefan Viehböck | SEC Consult Vulnerability Lab finder

References

seclists.org/fulldisclosure/2025/May/23

r.sec-consult.com/echarge third-party-advisory

cve.org (CVE-2025-48413)

nvd.nist.gov (CVE-2025-48413)

Download JSON