CVE-2018-25147

Exploit

EPSS 0.33%
Veröffentlicht 24.12.2025 19:27:50
Zuletzt bearbeitet 26.01.2026 19:47:07
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

Microhard Systems IPn4G 1.1.0 Default Credentials Authentication Bypass

Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 15 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microhardcorp ≫ Ipn4g Firmware Version1.1.0 Updatebuild1098

Microhardcorp ≫ Ipn4g Version-

Microhardcorp ≫ Ipn3gb Firmware Version2.2.0 Updatebuild2160

Microhardcorp ≫ Ipn3gb Version-

Microhardcorp ≫ Ipn4gb Firmware Version1.1.6 Updatebuild1184-14

Microhardcorp ≫ Ipn4gb Version-

Microhardcorp ≫ Ipn4gb Firmware Version1.1.0 Updaterev2_build1090-2

Microhardcorp ≫ Ipn4gb Version-

Microhardcorp ≫ Ipn4gb Firmware Version1.1.0 Updaterev2_build1086

Microhardcorp ≫ Ipn4gb Version-

Microhardcorp ≫ Bullet-3g Firmware Version1.2.0 Updatereva_build1032

Microhardcorp ≫ Bullet-3g Version-

Microhardcorp ≫ Vip4gb Firmware Version1.1.6 Updatebuild_1204

Microhardcorp ≫ Vip4gb Version-

Microhardcorp ≫ Vip4gb Firmware Version1.1.6 Updaterev3_build1184-14

Microhardcorp ≫ Vip4gb Version-

Microhardcorp ≫ Vip4gb Wifi-n Firmware Version1.1.6 Updaterev2_build1196

Microhardcorp ≫ Vip4gb Wifi-n Version-

Microhardcorp ≫ Bullet-3g Firmware Version1.2.0 Updatebuild1076

Microhardcorp ≫ Bullet-3g Version-

Microhardcorp ≫ Bullet-lte Firmware Version1.2.0 Updatebuild1078

Microhardcorp ≫ Bullet-lte Version-

Microhardcorp ≫ Ipn3gii Firmware Version1.2.0 Updatebuild1076

Microhardcorp ≫ Ipn3gii Version-

Microhardcorp ≫ Ipn4gii Firmware Version1.2.0 Updatebuild1078

Microhardcorp ≫ Ipn4gii Version-

Microhardcorp ≫ Bulletplus Firmware Version1.3.0 Updatebuild1036

Microhardcorp ≫ Bulletplus Version-

Microhardcorp ≫ Dragon-lte Firmware Version1.1.0 Updatebuild1036

Microhardcorp ≫ Dragon-lte Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.33%	0.25

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	9.3	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
disclosure@vulncheck.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-1392 Use of Default Credentials

The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

http://www.microhardcorp.com

Product

https://www.exploit-db.com/exploits/45040

Exploit

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5480.php

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2018-25147

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-25147

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-25147

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2018-25147