CVE-2025-1496

MEDIUM

BG-TEK Coslat Hotspot <6.26.0.R.20250227 - Auth Bypass

Title source: llm

Description

Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse.This issue affects Coslat Hotspot: before 6.26.0.R.20250227.

References (2)

[Various Sources] https://www.coslat.com/tr/blog/28-02-2025-guncelleme

[Third Party Advisory, US Government Resource] https://www.usom.gov.tr/bildirim/tr-25-0075

Scores

CVSS v3 6.5

EPSS 0.0014

EPSS Percentile 32.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-307

Status published

Products (1)

BG-TEK/Coslat Hotspot < 6.26.0.r.20250227

Published Mar 20, 2025

Tracked Since Feb 18, 2026