CVE-2025-41652

Critical CVSS: 9.8

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes, potentially compromising the device.

Vendor

Product

CWE

CWE-328

Yayın Tarihi

2025-05-27 09:15:21

Güncelleme

2025-08-22 11:15:31

Source Identifier

info@cert.vde.com

KEV Date Added

Kategoriler

CWE-328 CRITICAL 2025

Referanslar

https://certvde.com/en/advisories/VDE-2025-044/