CVE-2019-25291

HIGH

INIM Electronics Smartliving SmartLAN/G/SI <=6.x - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25291. PoCs published by LiquidWorm.

AI-analyzed exploit summary This writeup discloses hard-coded credentials in Inim Electronics Smartliving SmartLAN/G/SI devices (versions <=6.x). The credentials are embedded in the Linux distribution image and cannot be changed by the end-user, allowing attackers to gain unauthorized system access via Telnet, SSH, or FTP.

Description

INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving device models.

Exploits (1)

exploitdb WRITEUP
by LiquidWorm · textlocalhardware
https://www.exploit-db.com/exploits/47763

This writeup discloses hard-coded credentials in Inim Electronics Smartliving SmartLAN/G/SI devices (versions <=6.x). The credentials are embedded in the Linux distribution image and cannot be changed by the end-user, allowing attackers to gain unauthorized system access via Telnet, SSH, or FTP.

Classification
Writeup 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Inim Electronics Smartliving SmartLAN/G/SI <=6.x
No auth needed
Prerequisites: network access to the device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory third-party-advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5546.php
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/47763
Exploit, Third Party Advisory exploit
https://packetstormsecurity.com/files/155618
Third Party Advisory, VDB Entry vdb-entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/172838
Various Sources product
https://www.inim.biz/

Scores

CVSS v3 7.5
EPSS 0.0037
EPSS Percentile 28.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-798
Status published
Products (7)
INIM Electronics s.r.l./Smartliving SmartLAN/G/SI 10100L
INIM Electronics s.r.l./Smartliving SmartLAN/G/SI 10100L/G3
INIM Electronics s.r.l./Smartliving SmartLAN/G/SI 1050
INIM Electronics s.r.l./Smartliving SmartLAN/G/SI 1050/G3
INIM Electronics s.r.l./Smartliving SmartLAN/G/SI 505
INIM Electronics s.r.l./Smartliving SmartLAN/G/SI 515
INIM Electronics s.r.l./Smartliving SmartLAN/G/SI <=6.0
Published Jan 08, 2026
Tracked Since Feb 18, 2026