CVE-2025-63422
HIGHEach Italy Wireless Mini Router - Privilege Escalation
Title source: llmDescription
Incorrect access control in the Web management interface in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to arbitrarily change the administrator username and password via sending a crafted GET request.
References (2)
Core 2
Core References
Various Sources
https://imgur.com/a/X9DNOBj
Scores
CVSS v3
7.5
EPSS
0.0028
EPSS Percentile
19.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Published
Oct 30, 2025
Tracked Since
Feb 18, 2026