CVE-2023-25184

HIGH

Seiko Solutions SkyBridge/SkySpider <1.4.1/01.00.05 - Info Disclosure

Title source: llm
STIX 2.1

Description

Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, and SkySpider MB-R210 firmware Ver. 1.01.00 and earlier.

References (6)

Scores

CVSS v3 7.5
EPSS 0.0076
EPSS Percentile 73.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-521
Status published
Products (3)
seiko-sol/skybridge_basic_mb-a130_firmware < 1.4.1
seiko-sol/skybridge_mb-a200_firmware < 01.00.05
seiko-sol/skyspider_mb-r210_firmware < 1.01.00
Published May 10, 2023
Tracked Since Feb 18, 2026