FKIE_CVE-2025-26411

Vulnerability from fkie_nvd - Published: 2025-02-11 10:15 - Updated: 2025-11-03 22:18
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web interface to be able to conduct this attack. This issue is fixed in recent firmware versions BSP >= 6.1.0.
References
551230f0-3615-47bd-b7cc-93e92e730bbfhttps://r.sec-consult.com/wattsense
551230f0-3615-47bd-b7cc-93e92e730bbfhttps://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2025/Feb/9
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web interface\u00a0to be able to conduct this attack. This issue is fixed in recent firmware versions BSP \u003e= 6.1.0."
    },
    {
      "lang": "es",
      "value": "Un atacante autenticado puede usar el Administrador de complementos de la interfaz web de los dispositivos Wattsense Bridge para cargar archivos Python maliciosos en el dispositivo. Esto le permite a un atacante obtener acceso remoto a la ra\u00edz del dispositivo. Un atacante necesita una cuenta de usuario v\u00e1lida en la interfaz web de Wattsense para poder llevar a cabo este ataque. Este problema se solucion\u00f3 en las versiones recientes de firmware BSP \u0026gt;= 6.1.0."
    }
  ],
  "id": "CVE-2025-26411",
  "lastModified": "2025-11-03T22:18:41.583",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-02-11T10:15:09.973",
  "references": [
    {
      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
      "url": "https://r.sec-consult.com/wattsense"
    },
    {
      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
      "url": "https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2025/Feb/9"
    }
  ],
  "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.