CVE-2025-65855

MEDIUM

Netun Solutions HelpFlash IoT v18_178_221102_ASCII_PRO_1R5_50 - RCE

Title source: llm

Description

The OTA firmware update mechanism in Netun Solutions HelpFlash IoT (firmware v18_178_221102_ASCII_PRO_1R5_50) uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mode (8-second button press), create a malicious WiFi AP using the known credentials, and serve malicious firmware via unauthenticated HTTP to achieve arbitrary code execution on this safety-critical emergency signaling device.

Exploits (1)

nomisec WRITEUP
by LuisMirandaAcebedo · poc
https://github.com/LuisMirandaAcebedo/CVE-2025-65855

References (2)

Scores

CVSS v3 6.6
EPSS 0.0001
EPSS Percentile 0.6%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-319 CWE-494 CWE-798
Status published
Products (1)
netun/helpflash_iot_firmware 18_178_221102_ascii_pro_1r5_50
Published Dec 17, 2025
Tracked Since Feb 18, 2026