CVE-2025-34034

Exploit

EPSS 0.06%
Veröffentlicht 24.06.2025 01:15:24
Zuletzt bearbeitet 09.07.2025 19:09:03
Quelle disclosure@vulncheck.com
Teams Watchlist Login
Unerledigt Login

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device’s web interface.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

5vtechnologies ≫ Blue Angel Software Suite

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.194

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	9.3	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://www.exploit-db.com/exploits/46792

Third Party Advisory

Exploit

https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentials

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-34034

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-34034

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-34034

EUVD