Brute Force
CVE-2025-27663
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007.
AnalysisAI
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-521. Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007. Affected products include: Printerlogic Vasion Print, Printerlogic Virtual Appliance.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Brute Force
View allVicture RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits o
Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable br
Brute force password attacks against Horner Automation XL4/XL7 PLCs and Cscape software allow remote unauthenticated att
A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. Rated medium severity (CVSS 6.3), this v
Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. Rated critical severity (CVS
Juniper Networks CTP OS 9.2R1 and 9.2R2 fail to persist password complexity settings, enabling unauthenticated attackers
User enumeration vulnerability affecting web management interfaces where usernames are limited to device identifiers (10
No password for the root user is set in Novakon P series. Rated high severity (CVSS 8.6), this vulnerability is no authe
Weak password policy enforcement in Quantum Networks router QN-I-470 version 6.1.1.B1 enables adjacent network attackers
An issue was discovered in Znuny before 7.1.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitabl
A vulnerability was found in atjiu pybbs up to 6.0.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely e
KTM System e-BOK enforces a system-wide password policy that restricts all user credentials to exactly six numeric digit
Same weakness CWE-521 – Weak Password Requirements
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today