Predictable Default Wi-Fi Password in EZCast Pro II by EZCast
CVE-2025-13955

9.3CRITICAL

Key Information:

Vendor: Ezcast
Status: Ezcast Pro Ii
Vendor: CVE Published:; 10 December 2025

What is CVE-2025-13955?

The EZCast Pro II version 1.17478.146 contains a vulnerability that allows attackers within Wi-Fi range to access the device by predicting its default password from identifiable device features. This could lead to unauthorized control over the dongle and potential exposure of sensitive information. Users should reassess their network security measures to mitigate the risk.

Affected Version(s)

EZCast Pro II 1.17478.146

References

https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-i...

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2025
Vulnerability Reserved
Dec 3, 2025

Credit

Swiss National Test Institute for Cybersecurity NTC

Swiss National Cybersecurity Centre

JSON

Ezcast

What is CVE-2025-13955?

Affected Version(s)

References

CVSS V4

Timeline

Credit