CVE-2019-25470

eWON Firmware 12.2-13.0 Authentication Bypass via wsdReadForm

CVSS 8.7 HIGHEPSS 0.4%CWE-798

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 8.7EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

11 mar 2026Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint. Attackers can send POST requests to /wrcgi.bin/wsdReadForm with base64-encoded partial credentials and a crafted wsdList parameter to extract encrypted passwords for all users, which can be decrypted using a hardcoded XOR key.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Productos afectados

eWON · eWON

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.ewon.biz https://www.exploit-db.com/exploits/47380 https://www.vulncheck.com/advisories/ewon-firmware-authentication-bypass-via-wsdreadform