CVE-2025-63362

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware version 3.1.1.0

Description The webpage component, version V7.04T.07.002880.0301, allows attackers to set the Administrator username and password to blank values, bypassing authentication. The hardware version is 4.3.2.1.

Recommendations Apply a fix to prevent setting blank values for the Administrator username and password.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-620

Related Identifiers

CVE-2025-63362

Affected Products

Rs232/485 To Wifi Eth

V7.04T.07.002880.0301

CVE-2025-63362

Weakness Enumeration

Related Identifiers

Affected Products

References · 6