CVE-2025-25613

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch versions prior to 2.2.0D Build 135103

Description The FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch transmits cookies containing usernames and passwords in cleartext using base64 encoding during every POST request made to the server for its web-based administrative application. The cookies are sent with each POST request to the server.

Recommendations Update to version 2.2.0D Build 135103 or later.

Exploit

Fix

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-312CWE-539

Related Identifiers

CVE-2025-25613

Affected Products

Fs Inc S3150-8T2F

CVE-2025-25613

Weakness Enumeration

Related Identifiers

Affected Products

References · 7