CVE-2025-53842

Medium CVSS 4.5

Overview

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for CVE-2024-39838.

CWE: CWE-798 Published: 2025-07-16T05:15:33.900

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 4.5 (MEDIUM)
Detected tags: hardcoded (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags