← back
CVE-2025-41702

egOS WebGUI Hard-Coded JWT Secret Enables Authentication Bypass

CVSS 9.8 CRITICALEPSS 0.5%CWE-321
The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Welotec · EG400Mk2-D11001-000101Welotec · EG400Mk2-D11101-000101Welotec · EG500Mk2-A11001-000101Welotec · EG500Mk2-A11001-000201Welotec · EG500Mk2-A11101-000101Welotec · EG500Mk2-A12011-000101Welotec · EG500Mk2-A21101-000101Welotec · EG500Mk2-B11001-000101Welotec · EG500Mk2-B11101-000101Welotec · EG500Mk2-C11001-000101Welotec · EG500Mk2-C11101-000101Welotec · EG503LWelotec · EG503L_4GBWelotec · EG503L-GWelotec · EG503WWelotec · EG503W_4GBWelotec · EG602LWelotec · EG602WWelotec · EG603L Mk2Welotec · EG603W Mk2Welotec · EG802WWelotec · EG802W_i7_512GB_DinRailWelotec · EG802W_i7_512GB_w/o DinRailWelotec · EG804WWelotec · EG804W Pro

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://certvde.com/de/advisories/VDE-2025-076