Hardcoded Credentials Vulnerability in Microhard Systems IPn4G
CVE-2018-25147
Key Information:
- Vendor
Microhard Systems
- Vendor
- CVE Published:
- 24 December 2025
Badges
What is CVE-2018-25147?
The Microhard Systems IPn4G 1.1.0 is vulnerable due to the presence of hardcoded default credentials that cannot be altered through standard gateway operations. This significant security flaw allows attackers to exploit these unchangeable credentials, gaining unauthorized root-level access to the device. By utilizing predefined username and password combinations, malicious actors can effectively manipulate the device's functionalities, compromising its integrity and security. It is crucial for users to remain vigilant and take preventative measures against such vulnerabilities.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Credentials IPn4G 1.1.0 build 1098
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved