← Voltar para CVEs
CVE-2019-25291
HIGH7.5
Descricao
INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving device models.
Detalhes CVE
Pontuacao CVSS v3.17.5
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado1/8/2026
Ultima modificacao1/8/2026
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-798
Referencias
https://exchange.xforce.ibmcloud.com/vulnerabilities/172838(disclosure@vulncheck.com)
https://packetstormsecurity.com/files/155618(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/47763(disclosure@vulncheck.com)
https://www.inim.biz/(disclosure@vulncheck.com)
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5546.php(disclosure@vulncheck.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.