TROYANOSYVIRUS
Voltar para CVEs

CVE-2025-28229

CRITICAL
9.8

Descricao

Incorrect access control in Orban OPTIMOD 5950 Firmware v1.0.0.2 and System v2.2.15 allows attackers to bypass authentication and gain Administrator privileges.

Detalhes CVE

Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado4/18/2025
Ultima modificacao7/9/2025
Fontenvd
Avistamentos honeypot0

Produtos afetados

orban:optimod_5950orban:optimod_5950_firmware

Fraquezas (CWE)

CWE-284

Referencias

https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28229(cve@mitre.org)
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28229(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.