Home

Description

The web server of the device performs exchanges of sensitive information in clear text through an insecure protocol.

PUBLISHED Reserved 2025-10-31 | Published 2025-10-31 | Updated 2025-11-03 | Assigner S21sec




HIGH: 8.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:L/SA:H

Problem types

CWE-319 Cleartext Transmission of Sensitive Information

Product status

Default status
unknown

1.0.14 (Firmware)
affected

Credits

Víctor Bello Cuevas finder

Aarón Flecha Menéndez finder

Iván Alonso Álvarez coordinator

References

cds.thalesgroup.com/es/s21sec

circutor.com/...ion/conversores-y-pasarelas/product/D80010./ product

www.hackrtu.com/blog/cg-0day-en-003/ technical-description

cve.org (CVE-2025-64389)

nvd.nist.gov (CVE-2025-64389)

Download JSON