CVE-2025-41702
CRITICALWelotec EG400Mk2 EG503 - Unauthenticated Authentication Bypass via Hard-coded JWT Secret Key
Title source: llmDescription
The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key.
References (1)
Core 1
Core References
Various Sources
https://certvde.com/de/advisories/VDE-2025-076
Scores
CVSS v3
9.8
EPSS
0.0049
EPSS Percentile
38.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-321
Status
published
Products (50)
Welotec/EG400Mk2-D11001-000101
0.0.0 - v1.7.7
Welotec/EG400Mk2-D11001-000101
v1.8.0 - v1.8.2
Welotec/EG400Mk2-D11101-000101
0.0.0 - v1.7.7
Welotec/EG400Mk2-D11101-000101
v1.8.0 - v1.8.2
Welotec/EG500Mk2-A11001-000101
0.0.0 - v1.7.7
Welotec/EG500Mk2-A11001-000101
v1.8.0 - v1.8.2
Welotec/EG500Mk2-A11001-000201
0.0.0 - <v1.7.7
Welotec/EG500Mk2-A11001-000201
v1.8.0 - v1.8.2
Welotec/EG500Mk2-A11101-000101
0.0.0 - v1.7.7
Welotec/EG500Mk2-A11101-000101
v1.8.0 - v1.8.2
... and 40 more
Published
Aug 26, 2025
Tracked Since
Feb 18, 2026