CVE-2025-41762

Medium

An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to…

CERTVDE·CWE-328·Published 2026-03-09

CVSS

6.2

EPSS

0.00

KEV

Exploits

cve.orgen

196 chars

An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates.

NVDen

196 chars

An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates.

Un atacante no autenticado puede abusar del hash débil de la copia de seguridad generada por el endpoint wwwdnload.cgi para obtener acceso no autorizado a datos sensibles, incluyendo hashes de contraseñas y certificados.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	6.2	2.5	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Primary	cve.org	6.2	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N