← voltar
CVE-2025-7215

FNKvision FNK-GU2 wpa_supplicant.conf cleartext storage

CVSS 1 LOWEPSS 0.1%CWE-310CWE-312
A vulnerability, which was classified as problematic, has been found in FNKvision FNK-GU2 up to 40.1.7. Affected by this issue is some unknown functionality of the file /rom/wpa_supplicant.conf. The manipulation leads to cleartext storage of sensitive information. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
Produtos afetados
FNKvision · FNK-GU2

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21https://vuldb.com/?ctiid.315164https://vuldb.com/?id.315164https://vuldb.com/?submit.608030