CVE-2025-25037
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-20

Last updated on: 2025-06-23

Assigner: VulnCheck

Description
An information disclosure vulnerability exists in Aquatronica Controller System firmware versions <= 5.1.6 and web interface versions <= 2.0. The tcp.php endpoint fails to restrict unauthenticated access, allowing remote attackers to issue crafted POST requests and retrieve sensitive configuration data, including plaintext administrative credentials. Exploitation of this flaw can lead to full compromise of the system, enabling unauthorized manipulation of connected devices and aquarium parameters.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-20
Last Modified
2025-06-23
Generated
2026-05-07
AI Q&A
2025-06-20
EPSS Evaluated
2026-05-05
NVD
CVE-2025-25037
EUVD
EUVD-2025-18781
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-25037 is an information disclosure vulnerability in the Aquatronica Controller System firmware (versions <= 5.1.6) and web interface (versions <= 2.0). The vulnerability exists because the tcp.php endpoint does not restrict unauthenticated access, allowing remote attackers to send crafted POST requests that retrieve sensitive configuration data, including plaintext administrative credentials. This flaw enables attackers to gain unauthorized access to the system and potentially fully compromise it by manipulating connected devices and aquarium parameters. [1, 2, 3]


How can this vulnerability impact me? :

Exploitation of this vulnerability can lead to severe impacts including unauthorized disclosure of sensitive information such as plaintext administrative credentials, unauthorized access to the aquarium controller system, privilege escalation, security bypass, manipulation of device settings, and potential denial of service. Ultimately, attackers can fully compromise the system and control connected aquarium devices and parameters. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by sending a crafted POST request to the tcp.php endpoint of the Aquatronica Controller System and checking for sensitive configuration data in the response. Specifically, sending a POST request with parameters `function_id=TCP_XML_REQUEST` and `command=WS_GET_NETWORK_CFG` can reveal plaintext administrative credentials if the system is vulnerable. A proof-of-concept Python script (aqua.py) exists that automates this detection by sending the request and extracting credentials using regex. For manual testing, you can use curl as follows: `curl -X POST -d "function_id=TCP_XML_REQUEST&command=WS_GET_NETWORK_CFG" http://<target-ip>/tcp.php` and inspect the response for sensitive data. [2, 3]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting access to the tcp.php endpoint to trusted users or networks, such as by implementing network-level access controls or firewall rules to block unauthenticated external access. Since the vulnerability allows unauthenticated remote access, isolating the device from untrusted networks can reduce risk. Additionally, monitor for unusual POST requests to tcp.php and consider disabling or restricting the vulnerable web interface if possible until a vendor patch or update is available. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart