📄 Trivision NC-227WF Username Enumeration_PACKETSTORM:209989

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Description

Trivision.........

Visit Original Source

Basic Information

ID PACKETSTORM:209989

Published Sep 30, 2025 at 00:00

Affected Product

Affected Versions # CVE-2025-56764 — Trivision NC-227WF

## Summary
Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reveals whether a username exists or not by returning different error messages ("Unknown user" vs. "Wrong password"), allowing an attacker to enumerate valid usernames. Referenced CVE record has been published to the CVE List / NVD.

## Impact
- Username enumeration enabling targeted brute-force or credential-stuffing attacks.
- Increases risk of unauthorized access when combined with credential theft or weak passwords.

## Observed behavior / Example
- Different error messages are returned based on username validity.
- Example observed responses:
- `"Unknown user"` — username does not exist.
- `"Wrong password"` — username exists but password incorrect.

## Mitigation / Recommendations
1. Normalize login error messages so responses do not reveal username validity.
2. Implement proper authentication handling and reject weaker auth schemes where inappropriate.
3. Enforce rate limiting and account lockout policies.
4. Monitor and audit authentication attempts; rotate compromised credentials.

## References
- [NVD Entry](https://nvd.nist.gov/vuln/detail/CVE-2025-56764)
- [CVE.org Entry](https://www.cve.org/CVERecord?id=CVE-2025-56764)

---

# 권고문
Trivision NC-227WF 펌웨어 5.80 (build 20141010)의 로그인 처리에서 사용자명 존재 여부에 따라 서로 다른 오류 메시지를 반환합니다("Unknown user" vs "Wrong password"). 이로 인해 공격자는 유효한 사용자명을 열거할 수 있습니다. 관련 CVE 레코드는 NVD에 게시되었습니다.

## 영향
- 사용자명 노출로 인한 무차별 대입 공격 및 크리덴셜 스터핑 가능성 증가.
- 노출된 사용자명 + 약한 비밀번호 조합 시 무단 접근 위험 증대.

## 관찰된 동작 / 예시
- 사용자명 존재 여부에 따라 반환되는 오류 메시지가 다름:
- `Unknown user` — 계정 없음
- `Wrong password` — 계정 존재, 비밀번호 불일치

## 완화 권고
1. 로그인 오류 메시지를 통일하여 사용자명 유효성 노출을 막을 것.
2. 인증 처리 로직을 점검하여 불필요한 약한 인증 방식 허용을 차단할 것.
3. 로그인 시도에 대한 속도 제한 및 계정 잠금 정책 적용.
4. 인증 로그 모니터링 및 의심스러운 시도에 대한 조치, 자격증명 교체.

## 참고
- [NVD 등록 정보](https://nvd.nist.gov/vuln/detail/CVE-2025-56764)
- [CVE.org 등록 정보](https://www.cve.org/CVERecord?id=CVE-2025-56764)

{
    "lastseen": "2025-09-30T16:29:43",
    "description": "Trivision.........",
    "published": "2025-09-30T00:00:00",
    "modified": "2025-09-30T00:00:00",
    "type": "packetstorm",
    "title": "\ud83d\udcc4 Trivision NC-227WF Username Enumeration",
    "source": "",
    "references": "",
    "id": "PACKETSTORM:209989",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2025-56764"
    ],
    "sourceData": "# CVE-2025-56764 \u2014 Trivision NC-227WF\n    \n    ## Summary\n    Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reveals whether a username exists or not by returning different error messages (\"Unknown user\" vs. \"Wrong password\"), allowing an attacker to enumerate valid usernames. Referenced CVE record has been published to the CVE List / NVD.\n    \n    ## Impact\n    - Username enumeration enabling targeted brute-force or credential-stuffing attacks.\n    - Increases risk of unauthorized access when combined with credential theft or weak passwords.\n    \n    ## Observed behavior / Example\n    - Different error messages are returned based on username validity.\n    - Example observed responses:\n      - `\"Unknown user\"` \u2014 username does not exist.\n      - `\"Wrong password\"` \u2014 username exists but password incorrect.\n    \n    ## Mitigation / Recommendations\n    1. Normalize login error messages so responses do not reveal username validity.\n    2. Implement proper authentication handling and reject weaker auth schemes where inappropriate.\n    3. Enforce rate limiting and account lockout policies.\n    4. Monitor and audit authentication attempts; rotate compromised credentials.\n    \n    ## References\n    - [NVD Entry](https://nvd.nist.gov/vuln/detail/CVE-2025-56764)  \n    - [CVE.org Entry](https://www.cve.org/CVERecord?id=CVE-2025-56764)\n    \n    ---\n    \n    # \uad8c\uace0\ubb38\n    Trivision NC-227WF \ud38c\uc6e8\uc5b4 5.80 (build 20141010)\uc758 \ub85c\uadf8\uc778 \ucc98\ub9ac\uc5d0\uc11c \uc0ac\uc6a9\uc790\uba85 \uc874\uc7ac \uc5ec\ubd80\uc5d0 \ub530\ub77c \uc11c\ub85c \ub2e4\ub978 \uc624\ub958 \uba54\uc2dc\uc9c0\ub97c \ubc18\ud658\ud569\ub2c8\ub2e4(\"Unknown user\" vs \"Wrong password\"). \uc774\ub85c \uc778\ud574 \uacf5\uaca9\uc790\ub294 \uc720\ud6a8\ud55c \uc0ac\uc6a9\uc790\uba85\uc744 \uc5f4\uac70\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uad00\ub828 CVE \ub808\ucf54\ub4dc\ub294 NVD\uc5d0 \uac8c\uc2dc\ub418\uc5c8\uc2b5\ub2c8\ub2e4. \n    \n    ## \uc601\ud5a5\n    - \uc0ac\uc6a9\uc790\uba85 \ub178\ucd9c\ub85c \uc778\ud55c \ubb34\ucc28\ubcc4 \ub300\uc785 \uacf5\uaca9 \ubc0f \ud06c\ub9ac\ub374\uc15c \uc2a4\ud130\ud551 \uac00\ub2a5\uc131 \uc99d\uac00.\n    - \ub178\ucd9c\ub41c \uc0ac\uc6a9\uc790\uba85 + \uc57d\ud55c \ube44\ubc00\ubc88\ud638 \uc870\ud569 \uc2dc \ubb34\ub2e8 \uc811\uadfc \uc704\ud5d8 \uc99d\ub300.\n    \n    ## \uad00\ucc30\ub41c \ub3d9\uc791 / \uc608\uc2dc\n    - \uc0ac\uc6a9\uc790\uba85 \uc874\uc7ac \uc5ec\ubd80\uc5d0 \ub530\ub77c \ubc18\ud658\ub418\ub294 \uc624\ub958 \uba54\uc2dc\uc9c0\uac00 \ub2e4\ub984:\n      - `Unknown user` \u2014 \uacc4\uc815 \uc5c6\uc74c\n      - `Wrong password` \u2014 \uacc4\uc815 \uc874\uc7ac, \ube44\ubc00\ubc88\ud638 \ubd88\uc77c\uce58\n    \n    ## \uc644\ud654 \uad8c\uace0\n    1. \ub85c\uadf8\uc778 \uc624\ub958 \uba54\uc2dc\uc9c0\ub97c \ud1b5\uc77c\ud558\uc5ec \uc0ac\uc6a9\uc790\uba85 \uc720\ud6a8\uc131 \ub178\ucd9c\uc744 \ub9c9\uc744 \uac83.\n    2. \uc778\uc99d \ucc98\ub9ac \ub85c\uc9c1\uc744 \uc810\uac80\ud558\uc5ec \ubd88\ud544\uc694\ud55c \uc57d\ud55c \uc778\uc99d \ubc29\uc2dd \ud5c8\uc6a9\uc744 \ucc28\ub2e8\ud560 \uac83.\n    3. \ub85c\uadf8\uc778 \uc2dc\ub3c4\uc5d0 \ub300\ud55c \uc18d\ub3c4 \uc81c\ud55c \ubc0f \uacc4\uc815 \uc7a0\uae08 \uc815\ucc45 \uc801\uc6a9.\n    4. \uc778\uc99d \ub85c\uadf8 \ubaa8\ub2c8\ud130\ub9c1 \ubc0f \uc758\uc2ec\uc2a4\ub7ec\uc6b4 \uc2dc\ub3c4\uc5d0 \ub300\ud55c \uc870\uce58, \uc790\uaca9\uc99d\uba85 \uad50\uccb4.\n    \n    ## \ucc38\uace0\n    - [NVD \ub4f1\ub85d \uc815\ubcf4](https://nvd.nist.gov/vuln/detail/CVE-2025-56764)  \n    - [CVE.org \ub4f1\ub85d \uc815\ubcf4](https://www.cve.org/CVERecord?id=CVE-2025-56764)",
    "sourceHref": "https://packetstorm.news/download/209989",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://packetstorm.news/files/id/209989/",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

💭 Join the Security Discussion ❌ Cancel Reply