CVE-2025-71317

NetMan 204 Hard-coded Backdoor Credentials

CVSS 9.3 CRITICALEPSS 0.4%CWE-798

Vexday Risk Score

48Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 9.3EPSS 0.4%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

05 Jun 2026Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint (for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax parameter validation can be shortened to /cgi-bin/login.cgi?username=eurek%20eurek) to obtain administrator privileges, allowing them to alter device configuration, enable the telnet/SSH services, and reset local user credentials.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Riello UPS · NetMan 204

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/52183unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/52183 https://www.riello-ups.com/downloads/25-netman-204 https://www.vulncheck.com/advisories/netman-204-hard-coded-backdoor-credentials