CVE-2025-0432

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Jan 28, 2025

CWE ID 319

Summary

CVE-2025-0432 is a vulnerability affecting the EWON Flexy 202 device. This issue arises due to the transmission of user credentials in plaintext during the addition or modification of user accounts via the device's webpage. This lack of encryption poses a significant security risk, as sensitive information could be intercepted and misused by unauthorized parties. It is recommended that users of the EWON Flexy 202 implement encryption methods or update their devices to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2cc7YP
https://www.cve.org/CVERecord?id=CVE-2025-0432
https://nvd.nist.gov/vuln/detail/CVE-2025-0432

Back to Vulnerability Database

CVE-2025-0432

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations