CVE-2019-25470

HIGH

eWON Firmware 12.2-13.0 - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25470, a PoC published by Photubias.

AI-analyzed exploit summary:
This exploit bypasses authentication on eWON Flexy routers (firmware 12.2 to 13.0) and abuses a weak password encryption mechanism to recover cleartext credentials. It requires a valid username (default 'adm') and chains the authentication bypass with the password decryption weakness.

Description

eWON firmware versions 12.2 to 13.0 contain an authentication bypass in the wsdReadForm endpoint that allows an attacker with minimal privileges to retrieve sensitive user data. The attacker sends POST requests to /wrcgi.bin/wsdReadForm carrying base64-encoded partial credentials and a crafted wsdList parameter, which returns the stored, encrypted passwords of all users. Because the passwords are encrypted with a key hardcoded in the firmware (CWE-798), they can be XOR-decrypted to cleartext.
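The description states the weakness but not why a hardcoded XOR key is fatal, so the following added example (written for this page; it is not the EIP page's or the exploit-db PoC's code) demonstrates it: with a single known password (such as a default account still at its factory password) the key stream is recovered, its period found, and every other user's stored password decrypted. KEY, the storage layout (XOR then base64) and the sample accounts are constructed stand-ins; the real eWON key, request format and on-device storage format are not reproduced here.

```python
"""
Added example: a password store "encrypted" with a firmware-wide, hardcoded
XOR key (CWE-798) offers no confidentiality. Illustrative code written for
this page, not the EIP page's or the exploit-db PoC's code. KEY, the
storage layout and the sample users are constructed stand-ins; the real
eWON key and on-device format are not reproduced.
"""
import base64
from itertools import cycle

# Constructed stand-in for a key baked into every firmware image. Because it
# is identical on every device, recovering it once decrypts every install.
KEY = b"k3y!xor#"

# Constructed sample accounts (username -> cleartext password).
SAMPLE_USERS = {
    "adm": "adm_default1",   # assumed to be a known factory default
    "operator": "Ops!2019",
    "viewer": "readonly",
}


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR. Encryption and decryption are the same function."""
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def encrypt_password(plaintext: str, key: bytes = KEY) -> str:
    """Model of the weak scheme: XOR with the fixed key, base64 for storage."""
    return base64.b64encode(xor_bytes(plaintext.encode(), key)).decode()


def decrypt_password(stored: str, key: bytes = KEY) -> str:
    """What an attacker does once the key is known."""
    return xor_bytes(base64.b64decode(stored), key).decode()


def build_sample_store() -> dict:
    """The per-user records a leaked configuration dump would contain."""
    return {user: encrypt_password(pw) for user, pw in SAMPLE_USERS.items()}


def recover_key(stored: str, known_plaintext: str) -> bytes:
    """
    Known-plaintext attack: ciphertext XOR a password you already know (for
    example a default account still at its factory password) yields the key
    stream for as many bytes as that password is long. Without a known
    password, the same key can be lifted from the firmware image instead.
    """
    ct = base64.b64decode(stored)
    pt = known_plaintext.encode()
    return bytes(c ^ p for c, p in zip(ct, pt))  # zip truncates to the shorter


def find_period(stream: bytes) -> int:
    """
    Smallest p such that the stream repeats every p bytes. With a short known
    plaintext this is a candidate rather than a proof; confirm it by checking
    that the other records decrypt to printable text.
    """
    n = len(stream)
    for p in range(1, n + 1):
        if all(stream[i] == stream[i + p] for i in range(n - p)):
            return p
    return n


def decrypt_all(store: dict, key: bytes) -> dict:
    """Decrypt every user's stored password with the recovered key."""
    return {user: decrypt_password(stored, key) for user, stored in store.items()}


def break_store(store: dict, known_user: str, known_password: str) -> dict:
    """End to end: one known password -> key stream -> key -> every password."""
    stream = recover_key(store[known_user], known_password)
    key = stream[:find_period(stream)]
    return decrypt_all(store, key)


if __name__ == "__main__":
    store = build_sample_store()
    for user, pw in break_store(store, "adm", "adm_default1").items():
        print(f"{user}: {pw}")
```

The lesson for defenders is the CWE-798 one: the key is the same on every unit, so rotating passwords does not help once the dump is in hand; only a firmware that stores passwords with a per-device random salt and a proper password hash, and a device that does not hand the store to an unauthenticated caller, closes the gap.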

Exploits (1)

exploitdb · Working PoC · Verified
by Photubias · python · webapps · hardware
https://www.exploit-db.com/exploits/47380

Classification
Working PoC (95% confidence)
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: eWON Flexy router firmware 12.2 to 13.0
Authentication: none needed (the attacker supplies a username but no password)
Prerequisites: a valid username (default 'adm') whose account holds the 'View IO' and 'Change Configuration' rights
Analysis: devstral-2 · Mar 12, 2026

References (3)

Exploit, Third Party Advisory: https://www.exploit-db.com/exploits/47380
Product (various sources): https://www.ewon.biz

Scores

CVSS v3.1 base score: 7.5 (HIGH)
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector: NETWORK
EPSS: 0.0039 (percentile 30.5%)

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-798
Status published
Products (1)
eWON / eWON firmware, versions 12.2 through 13.0
Published Mar 11, 2026
Tracked Since Mar 12, 2026