CVE-2019-25241

CRITICAL

FaceSentry Access Control System <6.4.8 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25241. PoCs published by LiquidWorm.

AI-analyzed exploit summary: This exploit leverages hard-coded SSH credentials (wwwuser:123456) on port 23445 to gain access, then abuses overly permissive sudoers entries to escalate privileges to root. The PoC uses the `pwntools` library to establish an SSH session and spawn an interactive shell.

Description

FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication.

Exploits (1)

exploitdb · WORKING POC
by LiquidWorm · python · remote · hardware
https://www.exploit-db.com/exploits/47067

Classification: Working PoC 100%
Attack Type: RCE | LPE
Complexity: Trivial
Reliability: Reliable
Target: FaceSentry Access Control System (Firmware 6.4.8 build 264, 5.7.2 build 568, 5.7.0 build 539)
Auth required
Prerequisites: Network access to target · SSH port 23445 open
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Third Party Advisory, VDB Entry: https://www.exploit-db.com/exploits/47067
Product: http://www.iwt.com.hk
Exploit, Third Party Advisory: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5526.php

Scores

CVSS v3 9.8
EPSS 0.0065
EPSS Percentile 46.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-798
Status published
Products (3)
iwt/facesentry_access_control_system_firmware 5.7.0
iwt/facesentry_access_control_system_firmware 5.7.2
iwt/facesentry_access_control_system_firmware 6.4.8
Published Dec 24, 2025
Tracked Since Feb 18, 2026