{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T16:36:42.553","vulnerabilities":[{"cve":{"id":"CVE-2025-48413","sourceIdentifier":"551230f0-3615-47bd-b7cc-93e92e730bbf","published":"2025-05-21T12:16:22.170","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The `/etc/passwd` and `/etc/shadow` files reveal hard-coded password hashes for the operating system \"root\" user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device. Authentication can be performed via SSH backdoor or likely via physical access (UART shell)."},{"lang":"es","value":"Los archivos `/etc/passwd` y `/etc/shadow` revelan hashes de contraseñas incrustadas para el usuario «root» del sistema operativo. Las credenciales se envían con los archivos de actualización. No hay opción para borrar o cambiar sus contraseñas para un usuario final. Un atacante puede utilizar las credenciales para iniciar sesión en el dispositivo. La autenticación se puede realizar a través de SSH backdoor o probablemente a través de acceso físico (UART shell)."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.5,"impactScore":5.2}]},"weaknesses":[{"source":"551230f0-3615-47bd-b7cc-93e92e730bbf","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]}],"references":[{"url":"https://r.sec-consult.com/echarge","source":"551230f0-3615-47bd-b7cc-93e92e730bbf"},{"url":"http://seclists.org/fulldisclosure/2025/May/23","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}