CVE-2025-34034

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentials", "name": "https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentials", "tags": ["Third Party Advisory"], "refsource": ""}, {"url": "https://www.exploit-db.com/exploits/46792", "name": "https://www.exploit-db.com/exploits/46792", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://www.exploit-db.com/exploits/46792", "name": "https://www.exploit-db.com/exploits/46792", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device\u2019s web interface."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-34034", "ASSIGNER": "disclosure@vulncheck.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}}, "publishedDate": "2025-06-24T01:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:5vtechnologies:blue_angel_software_suite:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-09T19:09Z"}