CVE-2019-25322
Awaiting Analysis Awaiting Analysis - Queue
Hardcoded Credentials in Heatmiser Netmonitor 3.03 Enables Unauthorized Access

Publication date: 2026-02-12

Last updated on: 2026-02-13

Assigner: VulnCheck

Description
Heatmiser Netmonitor 3.03 contains a hardcoded credentials vulnerability in the networkSetup.htm page with predictable admin login credentials. Attackers can access the device by using the hard-coded username 'admin' and password 'admin' in the hidden form input fields.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-12
Last Modified
2026-02-13
Generated
2026-06-16
AI Q&A
2026-02-13
EPSS Evaluated
2026-06-14
NVD
CVE-2019-25322
EUVD
EUVD-2019-19571
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
heatmiser netmonitor 3.03
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability in Heatmiser Netmonitor 3.03 is due to hardcoded credentials in the networkSetup.htm page. Specifically, the device contains predictable admin login credentials embedded in hidden form input fields, with the username set as 'admin' and the password also set as 'admin'. This allows attackers to gain unauthorized access to the device by simply using these hardcoded credentials.

Impact Analysis

This vulnerability can allow attackers to remotely access the Heatmiser Netmonitor device without any authentication effort, since the credentials are hardcoded and predictable. The CVSS v3.1 score indicates a high impact on confidentiality (C:H) but no impact on integrity or availability. This means attackers can potentially view sensitive information or device settings, leading to privacy breaches or unauthorized monitoring, but they cannot modify data or disrupt device operation.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25322. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart