CVE-2025-9589
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-28

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-28
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-08-29
EPSS Evaluated
2026-05-05
NVD
CVE-2025-9589
EUVD
EUVD-2025-26151
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cudy wr1200ea 2.3.7
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1393 The product uses default passwords for potentially critical functionality.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Cudy WR1200EA device version 2.3.7-20250113-121810, specifically related to an unknown function involving the /etc/shadow file. An attacker with local access can manipulate the system to cause it to use a default password. The attack is complex and difficult to exploit, but the exploit has been publicly disclosed and may be used.


How can this vulnerability impact me? :

If exploited, this vulnerability could allow an attacker with local access to bypass normal authentication by causing the system to use a default password. This could lead to unauthorized access to the device or system, potentially compromising security.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart