CVE-2025-65823
BaseFortify
Publication date: 2025-12-10
Last updated on: 2025-12-12
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| meatmeet | pro | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability involves the Meatmeet Pro device being shipped with hardcoded Wi-Fi credentials embedded in its firmware for a test network. An attacker who obtains these credentials and locates the physical Wi-Fi network could gain unauthorized access to the vendor's Wi-Fi. Additionally, if the attacker is physically near the device during initial setup, they might force the device to auto-connect to a malicious access point by using the same SSID and password found in the firmware.
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized access to the vendor's Wi-Fi network, potentially exposing sensitive data or allowing further attacks within the network. It also allows an attacker in close physical proximity to redirect the device to connect to a malicious access point, which could be used to intercept or manipulate network traffic.