MEDIUM🇬🇧 English

CVE-2025-48461

CVSS 5.0v3.1pub. 2025-06-24upd. 2025-07-09

Successful exploitation of the vulnerability could allow an unauthenticated attacker to conduct brute force guessing and account takeover as the session cookies are predictable, potentially allowing the attackers to gain root, admin or user access and reset passwords.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
  • Advantech Wise 4010lan

    HW
    Advantech
    wszystkie wersje
  • Advantech Wise 4010lan Firmware

    OS
    Advantech
    wszystkie wersje
  • Advantech Wise 4050lan

    HW
    Advantech
    wszystkie wersje
  • Advantech Wise 4050lan Firmware

    OS
    Advantech
    wszystkie wersje
  • Advantech Wise 4060lan

    HW
    Advantech
    wszystkie wersje
  • Advantech Wise 4060lan Firmware

    OS
    Advantech
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2025-48469CRITICAL9.6PL ✓ten sam produkt

Advantech WISE-40x0 — nieuwierzytelniony upload firmware (Auth Bypass)

CVE-2025-48466HIGH8.1ten sam produkt

Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TC...

CVE-2025-48468MEDIUM6.4ten sam produkt

Successful exploitation of the vulnerability could allow an attacker that has physical access to interface wit...

CVE-2025-48467MEDIUM6.5ten sam produkt

Successful exploitation of the vulnerability could allow an attacker to cause repeated reboots, potentially le...

CVE-2025-48462MEDIUM4.2ten sam produkt

Successful exploitation of the vulnerability could allow an attacker to consume all available session slots an...