CVE-2025-48461

EPSS 0.01%
Published 24.06.2025 02:02:08
Last modified 09.07.2025 15:02:51
Source 5f57b9bf-260d-4433-bf07-b6a79e
Teams watchlist Login
Open Login

Successful exploitation of the vulnerability could allow an unauthenticated attacker to conduct brute force guessing and account takeover as the session cookies are predictable, potentially allowing the attackers to gain root, admin or user access and reset passwords.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Advantech ≫ Wise-4060lan Firmware Version-

Advantech ≫ Wise-4060lan Version-

Advantech ≫ Wise-4050lan Firmware Version-

Advantech ≫ Wise-4050lan Version-

Advantech ≫ Wise-4010lan Firmware Version-

Advantech ≫ Wise-4010lan Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.011

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
5f57b9bf-260d-4433-bf07-b6a79e9bb7d4	5	1.6	3.4	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-341 Predictable from Observable State

A number or object is predictable based on observations that the attacker can make about the state of the system or network, such as time, process ID, etc.

https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-48461

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-48461

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-48461

EUVD