Severity by source
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains an active debug code vulnerability. If this vulnerability is exploited, files or configurations on the affected device may be read or written, or arbitrary files may be executed with root privileges.
AnalysisAI
The GREEN HOUSE CO., LTD. Digital Photo Frame GH-WDF10A contains active debug code that allows unauthenticated local attackers to read or write arbitrary files and execute commands with root privileges. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Physical access to GREEN HOUSE CO., LTD. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | This vulnerability presents a HIGH real-world risk despite the moderate 6.8 CVSS score, which is constrained by its AV:P (physical access required) vector component. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with physical access to a GH-WDF10A device in an office or home environment could connect via USB, serial console, or local network and leverage the active debug code to gain an interactive shell with root privileges. From there, the attacker could read sensitive configuration files (including stored credentials, network settings, or personal photos), install persistent malware for remote access, or modify firmware to create a backdoor for future exploitation. … |
| Remediation | Contact GREEN HOUSE CO., LTD. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 7 days: Identify all affected systems and apply vendor patches promptly. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-489 – Active Debug Code
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-16096