CVE-2025-1960 – WebHMI Default Credential Injection Vulnerability

March 12, 2025
7:16 pm

CVE ID : CVE-2025-1960

Published : March 12, 2025, 4:15 p.m. | 2 hours, 40 minutes ago

Description : CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an
attacker to execute unauthorized commands when a system’s default password credentials have not been
changed on first use. The default username is not displayed correctly in the WebHMI interface.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-1960 – WebHMI Default Credential Injection Vulnerability

Elvescore.io

Recent Posts

CVE-2025-0114 – Palo Alto Networks PAN-OS GlobalProtect Denial of Service Vulnerability

CVE-2025-0115 – Palo Alto Networks PAN-OS CLI File Disclosure Vulnerability

CVE-2025-0116 – Palo Alto Networks PAN-OS LLDP Frame Denial of Service

CVE-2025-0117 – Pulse Secure GlobalProtect Windows Privilege Escalation Vulnerability

CVE-2025-0118 – Palo Alto Networks GlobalProtect Windows ActiveX RCE

CVE-2025-22870 – Apache Proxy IPv6 Hostname Matching Vulnerability

CVE-2025-1960 – WebHMI Default Credential Injection Vulnerability

CVE-2025-1960 – WebHMI Default Credential Injection Vulnerability