CVE-2025-53842_CVE-2025-53842

6.8 / 10

MEDIUM

CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for CVE-2024-39838.

Basic Information

ID CVE-2025-53842

Source jpcert

Published Jul 16, 2025 at 04:30

Modified Jul 18, 2025 at 14:47

Affected Product

Vendor ZEXELON CO., LTD.

Product ZWX-2000CSW2-HN

Version prior to 0.3.19

Affected Versions ZEXELON CO., LTD. ZWX-2000CSW2-HN prior to 0.3.19
ZEXELON CO., LTD. ZWX-2000CS2-HN all versions

CWE Classification

CWE-798

References

{
    "lastseen": "",
    "description": "Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for CVE-2024-39838.",
    "published": "2025-07-16T04:30:36.624Z",
    "modified": "2025-07-18T14:47:09.380Z",
    "type": "cve",
    "title": "CVE-2025-53842",
    "source": "jpcert",
    "references": "https://zexelon.co.jp/pdf/jvn44419726.pdf\nhttps://jvn.jp/en/jp/JVN44419726/\nhttps://www.cve.org/CVERecord?id=CVE-2024-39838",
    "id": "CVE-2025-53842",
    "bulletinFamily": "",
    "cwe": [
        "CWE-798"
    ],
    "cvelist": null,
    "sourceData": "ZEXELON CO., LTD. ZWX-2000CSW2-HN prior to 0.3.19\nZEXELON CO., LTD. ZWX-2000CS2-HN all versions",
    "sourceHref": "",
    "cvss": {
        "score": 6.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ZWX-2000CSW2-HN",
    "version": "prior to 0.3.19",
    "vendor": "ZEXELON CO., LTD.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}