PT-2026-1683 · Inim Electronics · Smartlan/G/Si
Published
2026-01-07
·
Updated
2026-01-08
·
CVE-2019-25291
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
INIM Electronics Smartliving SmartLAN/G/SI versions 6.x and earlier
Description
The Smartliving SmartLAN/G/SI software contains hard-coded credentials within its Linux distribution image. These credentials cannot be altered through standard device management procedures. An attacker can leverage these persistent credentials to gain unauthorized system access to multiple SmartLiving device models.
Recommendations
Versions prior to 6.x should be updated. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Smartlan/G/Si