← back
CVE-2025-53842

CVE-2025-53842

CVSS 6.8 MEDIUMEPSS 0.2%CWE-798
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.8EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
16 Jul 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for CVE-2024-39838.
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected products
ZEXELON CO., LTD. · ZWX-2000CS2-HNZEXELON CO., LTD. · ZWX-2000CSW2-HN

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN44419726/https://www.cve.org/CVERecord?id=CVE-2024-39838https://zexelon.co.jp/pdf/jvn44419726.pdf