CVE-2025-41652

Critical

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker…

CERTVDE·CWE-328·Published 2025-05-27

CVSS

9.8

EPSS

0.00

KEV

Exploits

cve.orgen

329 chars

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes, potentially compromising the device.

NVDen

329 chars

NVDes

371 chars

Los dispositivos son vulnerables a una omisión de autenticación debido a fallas en el mecanismo de autorización. Un atacante remoto no autenticado podría explotar esta vulnerabilidad mediante ataques de fuerza bruta para adivinar credenciales válidas o utilizando técnicas de colisión MD5 para falsificar hashes de autenticación, lo que podría comprometer el dispositivo.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H