CVE-2025-34034

Exploit

EPSS 0.06%
Published 24.06.2025 01:15:24
Last modified 09.07.2025 19:09:03
Source disclosure@vulncheck.com
Teams watchlist Login
Open Login

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device’s web interface.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

5vtechnologies ≫ Blue Angel Software Suite

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.194

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	9.3	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://www.exploit-db.com/exploits/46792

Third Party Advisory

Exploit

https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentials

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-34034

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-34034

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-34034

EUVD