{"uuid": "76316b0a-1da8-4bb3-af60-d21bd2424814", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48417", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17110", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48417\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The certificate and private key used for providing transport layer security for connections to the web interface (TCP port 443) is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin interface. The files are located in /etc/ssl (e.g. salia.local.crt, salia.local.key and salia.local.pem). There is no option to upload/configure custom TLS certificates.\n\ud83d\udccf Published: 2025-05-21T12:30:08.012Z\n\ud83d\udccf Modified: 2025-05-21T12:30:08.012Z\n\ud83d\udd17 References:\n1. https://r.sec-consult.com/echarge", "creation_timestamp": "2025-05-21T12:45:43.000000Z"}