Skip to main content

Brute Force CVE-2025-27663

CRITICAL
Weak Password Requirements (CWE-521)
2025-03-05 cve@mitre.org
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:29 vuln.today
CVE Published
Mar 05, 2025 - 06:15 nvd
CRITICAL 9.8

DescriptionCVE.org

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007.

AnalysisAI

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-521. Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007. Affected products include: Printerlogic Vasion Print, Printerlogic Virtual Appliance.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-28200 CRITICAL POC
9.8 May 09

Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits o

CVE-2025-28389 CRITICAL POC
9.8 Jun 13

Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable br

CVE-2026-6284 CRITICAL
9.3 Apr 17

Brute force password attacks against Horner Automation XL4/XL7 PLCs and Cscape software allow remote unauthenticated att

CVE-2025-1341 MEDIUM POC
6.3 Feb 16

A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. Rated medium severity (CVSS 6.3), this v

CVE-2025-25211 CRITICAL
9.8 Mar 31

Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. Rated critical severity (CVS

CVE-2026-33771 CRITICAL
9.1 Apr 09

Juniper Networks CTP OS 9.2R1 and 9.2R2 fail to persist password complexity settings, enabling unauthenticated attackers

CVE-2025-5485 HIGH
8.6 Jun 12

User enumeration vulnerability affecting web management interfaces where usernames are limited to device identifiers (10

CVE-2025-9964 HIGH
8.6 Sep 23

No password for the root user is set in Novakon P series. Rated high severity (CVSS 8.6), this vulnerability is no authe

CVE-2026-41038 HIGH
7.6 Apr 21

Weak password policy enforcement in Quantum Networks router QN-I-470 version 6.1.1.B1 enables adjacent network attackers

CVE-2025-26847 HIGH
7.5 May 08

An issue was discovered in Znuny before 7.1.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitabl

CVE-2025-8549 LOW POC
2.9 Aug 05

A vulnerability was found in atjiu pybbs up to 6.0.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely e

CVE-2026-35097 MEDIUM
6.9 Jun 30

KTM System e-BOK enforces a system-wide password policy that restricts all user credentials to exactly six numeric digit

Share

CVE-2025-27663 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy