CVE-2025-57295
BaseFortify
Publication date: 2025-09-18
Last updated on: 2025-10-03
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| h3c | magic_nx15_firmware | nx15v100r015 |
| h3c | magic_nx15 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1188 | The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure. |
| CWE-521 | The product does not require that users should have strong passwords. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in H3C devices running firmware version NX15V100R015, where the root user account has no password set and the H3C user account uses a default password "admin." These insecure default credentials are stored in the /etc/shadow file. Attackers with network access can exploit these credentials to gain unauthorized root-level access to the device through the administrative interface or other network services.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow attackers to gain unauthorized root-level access to the affected device, leading to privilege escalation, information disclosure, or arbitrary code execution. This can compromise the security and integrity of the device and potentially the entire network it is connected to.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if H3C devices are running firmware version NX15V100R015 and verifying if the root user account has no password set and if the H3C user account uses the default password "admin". On the device, you can inspect the /etc/shadow file to see if these default credentials are present. Commands to check the /etc/shadow file include: `cat /etc/shadow` (requires appropriate permissions). Additionally, attempting to log in with the default credentials over the administrative interface or network services can help confirm the vulnerability.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include changing the default passwords for the root and H3C user accounts to strong, unique passwords. Ensure that the root account has a secure password set and that the H3C user account does not use the default password "admin." Additionally, restrict network access to the administrative interface and other network services to trusted hosts only, and consider updating the firmware if a fixed version becomes available.