CVE-2025-28228

HIGH NUCLEI

Electrolink FM/DAB/TV Transmitter - Credentials Disclosure

Title source: nuclei

Description

A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2 allows unauthorized attackers to access credentials in plaintext.

Exploits (1)

github WORKING POC 40 stars

by iSee857 · pythonpoc

https://github.com/iSee857/CVE-PoC/tree/main/electrolink-CVE-2025-28228-InfoLeak.py

View Code ZIP pw:eip

Nuclei Templates (1)

Electrolink FM/DAB/TV Transmitter - Credentials Disclosure

HIGHVERIFIEDby DhiyaneshDk

Shodan: http.title:"Electrolink"

References (1)

[Exploit, Third Party Advisory] https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28228

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0631

EPSS Percentile 91.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-522

Status published

Products (1)

electrolink/fm\/dab\/tv_transmitter_web_management_system

Published Apr 18, 2025

Tracked Since Feb 18, 2026