9.8

CVE-2025-57437

Exploit

EPSS 0.09%
Veröffentlicht 22.09.2025 00:00:00
Zuletzt bearbeitet 10.10.2025 21:03:59
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Blackmagic Web Presenter HD firmware version 3.3 exposes sensitive information via an unauthenticated Telnet service on port 9977. When connected, the service reveals extensive device configuration data including: - Model, version, and unique identifiers - Network settings including IP, MAC, DNS - Current stream platform, stream key, and streaming URL - Audio/video configuration This data can be used to hijack live streams or perform network reconnaissance.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Blackmagicdesign ≫ Web Presenter Hd Firmware Version3.3

Blackmagicdesign ≫ Web Presenter Hd Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.246

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://www.blackmagicdesign.com/

Product

https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-57437

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-57437

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-57437

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-57437

EUVD