CVE-2025-7453

Name of the Vulnerable Software and Affected Versions: saltbo zpan versions up to 1.6.5 saltbo zpan version 1.7.0-beta2

Description: A vulnerability exists in saltbo zpan related to the JSON Web Token Handler component. The issue affects the NewToken function within the zpan/internal/app/service/token.go file. Manipulation of the input 123 results in the use of a hard-coded password. The attack can be initiated remotely, but exploitation is considered difficult. The exploit has been publicly disclosed.

Recommendations: Versions up to 1.6.5: At the moment, there is no information about a newer version that contains a fix for this vulnerability. saltbo zpan version 1.7.0-beta2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.