Information Disclosure Vulnerability in Bosscomm IF740 Firmware and System Versions
CVE-2025-25729

7.5HIGH

Key Information:

Vendor: Bosscomm
Status: IF740 Firmware
Vendor: CVE Published:; 28 February 2025

What is CVE-2025-25729?

An information disclosure vulnerability exists in Bosscomm IF740 Firmware and its corresponding System versions. This flaw allows attackers to retrieve hardcoded cleartext credentials, potentially compromising the security of the device. This issue arises during the update or boot processes, exposing sensitive information that should remain protected. It is critical for users of affected versions to apply mitigations promptly to safeguard against unauthorized access.

References

https://gainsec.com/2025/02/27/cve-2025-25727cve-2025-257...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 28, 2025

JSON