CVE-2019-25470

HIGH

eWON Firmware 12.2-13.0 - Auth Bypass

Title source: llm

Description

eWON firmware versions 12.2 through 13.0 contain an authentication bypass that lets an attacker with minimal privileges retrieve sensitive user data through the wsdReadForm endpoint. By sending a POST request to /wrcgi.bin/wsdReadForm with base64-encoded partial credentials and a crafted wsdList parameter, an attacker can extract the encrypted passwords of all users; because those passwords are encrypted with a hardcoded XOR key, they can be decrypted.

Exploits (1)

exploitdb (working PoC, verified)
by Photubias · tags: python, webapps, hardware
https://www.exploit-db.com/exploits/47380

Scores

CVSS v3 7.5
EPSS 0.0009
EPSS Percentile 26.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-798
Status published
Products (1)
eWON / eWON, versions 12.2 to 13.0 (inclusive)
Published Mar 11, 2026
Tracked Since Mar 12, 2026