CVE-2025-71317

NetMan 204 Hard-coded Backdoor Credentials

CVSS 9.3 CRITICALEPSS 0.4%CWE-798

NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint (for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax parameter validation can be shortened to /cgi-bin/login.cgi?username=eurek%20eurek) to obtain administrator privileges, allowing them to alter device configuration, enable the telnet/SSH services, and reset local user credentials.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Riello UPS · NetMan 204

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/52183unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/52183 https://www.riello-ups.com/downloads/25-netman-204 https://www.vulncheck.com/advisories/netman-204-hard-coded-backdoor-credentials