CVE-2025-63205

High CVSS: 7.5

An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and NOMAD, firmware versions 6.5.0-9, allowing attackers to gain sensitive information such as administrator passwords via the /probe/core/setup/passwd endpoint. NOTE: the Supplier disagrees that 6.5.0-9 is affected, and instead reports that 5.6.0-3 and earlier are affected, and 5.6.0-4 (2020-09-21) and later are fixed.

Vendor

Bridgetech

Product

Vb220 Firmware

CWE

CWE-200

Yayın Tarihi

2025-11-19 18:15:48

Güncelleme

2026-02-03 15:16:12

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-200 Vb220 Firmware HIGH Bridgetech 2025

Referanslar

https://bridgetech.tv/ https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63205_bridgetech%20probes%20Information%20Disclosure https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63205_bridgetech%20probes%20Information%20Disclosure

Benzer Kayıtlar

Medium

CVE-2025-63214

An issue was discovered in bridgetech VBC Server & Element Manager, firmware version 6.5.0-10 , 6.5.0-9, allowing unauth…

Medium

CVE-2025-63211

Stored cross-site scripting vulnerability in bridgetech VBC Server & Element Manager, firmware versions 6.5.0-9 thru 6.5…

High

CVE-2025-63208

An issue was discovered in bridgetech VB288 Objective QoE Content Extractor, firmware version 5.6.0-8, allowing attacker…