CVE-2019-25291

HIGH

INIM Electronics Smartliving SmartLAN/G/SI <=6.x - Info Disclosure

Title source: llm

Description

INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving device models.

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalhardware

https://www.exploit-db.com/exploits/47763

View Code ZIP pw:eip

References (5)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/172838

[Various Sources] https://www.inim.biz/

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/47763

[Exploit, Third Party Advisory] https://packetstormsecurity.com/files/155618

[Third Party Advisory] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5546.php

Scores

CVSS v3 7.5

EPSS 0.0004

EPSS Percentile 12.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-798

Status draft

Timeline

Published Jan 08, 2026

Tracked Since Feb 18, 2026