← voltar
CVE-2025-41702

egOS WebGUI Hard-Coded JWT Secret Enables Authentication Bypass

CVSS 9.8 CRITICALEPSS 0.5%CWE-321
Vexday Risk Score
28Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 9.8EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
26 ago 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Welotec · EG400Mk2-D11001-000101Welotec · EG400Mk2-D11101-000101Welotec · EG500Mk2-A11001-000101Welotec · EG500Mk2-A11001-000201Welotec · EG500Mk2-A11101-000101Welotec · EG500Mk2-A12011-000101Welotec · EG500Mk2-A21101-000101Welotec · EG500Mk2-B11001-000101Welotec · EG500Mk2-B11101-000101Welotec · EG500Mk2-C11001-000101Welotec · EG500Mk2-C11101-000101Welotec · EG503LWelotec · EG503L_4GBWelotec · EG503L-GWelotec · EG503WWelotec · EG503W_4GBWelotec · EG602LWelotec · EG602WWelotec · EG603L Mk2Welotec · EG603W Mk2Welotec · EG802WWelotec · EG802W_i7_512GB_DinRailWelotec · EG802W_i7_512GB_w/o DinRailWelotec · EG804WWelotec · EG804W Pro

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://certvde.com/de/advisories/VDE-2025-076