← Back to CVEs
CVE-2025-15016
CRITICAL9.8
Description
Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information and log into the system as any user.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published12/22/2025
Last Modified3/5/2026
Sourcenvd
Honeypot Sightings0
Affected Products
ragic:enterprise_cloud_database
Weaknesses (CWE)
CWE-321
References
https://www.twcert.org.tw/en/cp-139-10588-771e5-2.html(twcert@cert.org.tw)
https://www.twcert.org.tw/tw/cp-132-10587-797c6-1.html(twcert@cert.org.tw)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.