CVE-2025-29268
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-04
Last updated on: 2025-12-16
Assigner: MITRE
Description
Description
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| allnet | all-rut22gw_firmware | 3.3.8 |
| allnet | all-rut22gw | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the ALLNET ALL-RUT22GW version 3.3.8 storing hardcoded credentials within the libicos.so library. Hardcoded credentials are fixed usernames and passwords embedded in the software code, which can be extracted and misused by attackers.
How can this vulnerability impact me? :
The presence of hardcoded credentials can allow unauthorized users to gain access to the affected device or system, potentially leading to unauthorized control, data breaches, or further exploitation of the network.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70