{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T13:14:44.716","vulnerabilities":[{"cve":{"id":"CVE-2025-35021","sourceIdentifier":"cve@takeonme.org","published":"2025-11-04T01:15:33.107","lastModified":"2026-01-13T15:00:15.333","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt, and from there, relay connections."}],"metrics":{"cvssMetricV31":[{"source":"cve@takeonme.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}]},"weaknesses":[{"source":"cve@takeonme.org","type":"Secondary","description":[{"lang":"en","value":"CWE-1188"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:antek:abilis_cpx_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"9.0.7","matchCriteriaId":"076FE4A3-E773-4DFE-B197-AAF0A1BC2D58"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:antek:abilis_cpx_2000:-:*:*:*:*:*:*:*","matchCriteriaId":"185FBB48-3D75-4863-A979-5DAADD4424C2"}]}]}],"references":[{"url":"https://support.abilis.net/relnotes/cpx2k/R9.0.html#R9.0.7","source":"cve@takeonme.org","tags":["Release Notes"]},{"url":"https://takeonme.org/gcves/GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100","source":"cve@takeonme.org","tags":["Exploit","Mitigation","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/abilis-cpx-authentication-bypass-cve-2025-35021/","source":"cve@takeonme.org","tags":["Exploit","Mitigation","Third Party Advisory"]}]}}]}