CVE-2018-25147

Critical CVSS: 9.3

Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway operations. Attackers can exploit these default credentials to gain unauthorized root-level access to the device by logging in with predefined username and password combinations.

Vendor

Microhardcorp

Product

Ipn4g Firmware

CWE

CWE-1392

Yayın Tarihi

2025-12-24 20:15:49

Güncelleme

2026-01-26 19:47:07

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-1392 Ipn4g Firmware CRITICAL Microhardcorp 2025

Referanslar

http://www.microhardcorp.com https://www.exploit-db.com/exploits/45040 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5480.php https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5480.php

Benzer Kayıtlar

High

CVE-2018-25146

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and man…

High

CVE-2018-25148

Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interfa…

Medium

CVE-2018-25149

Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform admin…

High

CVE-2018-25143

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SS…

High

CVE-2018-25144

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that…

High

CVE-2018-25145

Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows authenticated attackers…