Severity by source
AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
3DescriptionCVE.org
Successful exploitation of the vulnerability could allow an unauthenticated attacker to conduct brute force guessing and account takeover as the session cookies are predictable, potentially allowing the attackers to gain root, admin or user access and reset passwords.
AnalysisAI
A remote code execution vulnerability (CVSS 5.0) that allows an unauthenticated attacker. Remediation should follow standard vulnerability management procedures.
Technical ContextAI
Vulnerability type: remote code execution.
RemediationAI
Monitor vendor channels for patch availability.
More in Wise 4050lan Firmware
View allA privilege escalation vulnerability (CVSS 9.6) that allows an unauthenticated attacker. Risk factors: public PoC availa
CVE-2025-48466 is a security vulnerability (CVSS 8.1). Risk factors: public PoC available.
Successful exploitation of the vulnerability could allow an attacker to cause repeated reboots, potentially leading to r
A security vulnerability in Successful exploitation of the vulnerability could allow an attacker that (CVSS 6.4) that al
Successful exploitation of the vulnerability could allow an attacker to consume all available session slots and block ot
Successful exploitation of the stored cross-site scripting vulnerability could allow an attacker to inject malicious scr
Same weakness CWE-341 – Predictable from Observable State
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-18991