CVE-2025-57428
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-10-28
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| each_italy | wiredless_mini_router | v28k.minirouter.20190211 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Italy Wireless Mini Router WIRELESS-N 300M (firmware v28K.MiniRouter.20190211) because it has a Telnet debug interface enabled by default on port 23 that uses default admin credentials ('admin'/'admin'). Attackers can log in to this Telnet shell and access low-level commands that allow direct manipulation of the device's flash memory and registers. This includes reading, writing, and erasing flash memory and modifying device registers, which can lead to firmware corruption or device bricking. [1]
How can this vulnerability impact me? :
An attacker exploiting this vulnerability can gain unauthorized access to the router's debug shell and execute commands that manipulate the device's hardware at a low level. This can result in arbitrary firmware corruption, rendering the device inoperable (bricking), loss of security controls, and potentially complete loss of device functionality. Such control could also be used to compromise network security or disrupt network operations. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by scanning your network for devices with port 23 (Telnet) open and attempting to log in using the default credentials 'admin' for both username and password. For example, use a command like 'nmap -p 23 --open <target-ip>' to find devices with Telnet enabled. Then, try to connect via Telnet using 'telnet <target-ip> 23' and attempt to authenticate with the default credentials. If successful, you can check for the presence of the debug shell commands such as 'spi' and 'reg' to confirm the vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include changing the default admin password via the device's web interface, which also updates the Telnet credentials, thereby preventing unauthorized access. If possible, disable the Telnet service on port 23 to eliminate the attack surface. Since vendor support is unavailable, consider isolating the device from untrusted networks or replacing it with a more secure alternative. [1]