CVE-2025-26410
Published Feb 11, 2025
Last updated 4 days ago
- Description
- The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered credentials can be used to log into the device via the login shell that is exposed by the serial interface. The backdoor user has been removed in firmware BSP >= 6.4.1.
- Source
- 551230f0-3615-47bd-b7cc-93e92e730bbf
- NVD status
- Awaiting Analysis
- 551230f0-3615-47bd-b7cc-93e92e730bbf
- CWE-798
- Hype score
- Not currently trending
CVE-2025-26410 (CVSS:9.8, CRITICAL) is Awaiting Analysis. The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. The user password ca..https://t.co/KewHKnvEpD #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
16 Feb 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-26410 ⚠️🔴 CRITICAL (9.8) 🏢 Wattsense - Wattsense Bridge 🏗️ 0 🔗 https://t.co/FwEMV8ouIu 🔗 https://t.co/fskH79VT0t #CyberCron #VulnAlert https://t.co/VzM6uFVvdI
@cybercronai
11 Feb 2025
7 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-26410 The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. The user password can be easily recovered via password cracking at… https://t.co/0e1fbJYUUH
@CVEnew
11 Feb 2025
185 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes