PT-2025-40414 · Flock Safety · Sparrow License Plate Readers+1

Gainsec

Publicado

2025-10-02

Atualizado

2025-10-24

CVE-2025-59409

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Flock Safety Falcon and Sparrow License Plate Readers version OPM1.171019.026

Description The devices ship with development Wi-Fi credentials (specifically, test flck) stored in cleartext within the production firmware. This could allow unauthorized access to the devices.

Recommendations Update to a newer version that does not contain the hardcoded Wi-Fi credentials.

Exploit

Correção

Cleartext Storage of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-312

Identificadores relacionados

CVE-2025-59409

Produtos afetados

Falcon License Plate Readers

Sparrow License Plate Readers

PT-2025-40414 · Flock Safety · Sparrow License Plate Readers+1

CVE-2025-59409

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8