CVE-2025-48463
LOWDescription
Successful exploitation of the vulnerability could allow an attacker to intercept data and conduct session hijacking on the exposed data as the vulnerable product uses unencrypted HTTP communication, potentially leading to unauthorised access or data tampering.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| advantech | wise-4060lan_firmware |
| advantech | wise-4060lan |
| advantech | wise-4050lan_firmware |
| advantech | wise-4050lan |
| advantech | wise-4010lan_firmware |
| advantech | wise-4010lan |
References
Other References
Frequently Asked Questions
What is CVE-2025-48463? +
How severe is CVE-2025-48463? +
What products are affected by CVE-2025-48463? +
How do I check if I'm vulnerable to CVE-2025-48463? +
Related Vulnerabilities
StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token …
The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3.1 for iOS devices allows …
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker …
next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of …
PMD is an extensible multilanguage static code analyzer. The passphrase for the PMD and PMD Designer release signing keys are …
This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext within the device firmware. An …