CVE-2025-71317

CRITICAL

NetMan 204 Hard-coded Backdoor Credentials

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-71317; the PoC was published by Parsa Rezaie Khiabanloo.

AI-analyzed exploit summary: This writeup details an authentication bypass in NetMan 204 UPS panels that gives an unauthenticated attacker access to sensitive endpoints and remote commands. It lists the exact URLs and methods used to exploit the flaw, including the hard-coded 'eurek' credentials and path traversal techniques.

Description

NetMan 204 contains a hard-coded backdoor account whose username and password are both 'eurek' and which grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint (for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax parameter validation can be shortened to /cgi-bin/login.cgi?username=eurek%20eurek) to obtain administrator privileges, allowing them to alter device configuration, enable the telnet/SSH services, and reset local user credentials.
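Because login.cgi takes the credentials as GET query parameters, an attempt leaves the username in any HTTP access, proxy or IDS log that sees the request. The following is an added example, not code from this page, from EIP, from Riello or from the Exploit-DB writeup: it scans Common Log Format lines and flags login.cgi requests whose username parameter is 'eurek', covering both the full form and the shortened 'eurek%20eurek' form from the description. The log lines are constructed for the example, and it is assumed that they come from a proxy or sensor in front of the device; the page does not say what the device itself logs.

```python
import re
from urllib.parse import urlsplit, parse_qs

BACKDOOR_USER = "eurek"
LOGIN_PATH = "/cgi-bin/login.cgi"

# Common Log Format request line: ip ident user [ts] "METHOD target PROTO" status size
CLF_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>\S+)" (?P<status>\d{3})'
)

# Constructed sample log, not a real capture. Lines 1, 2 and 4 are backdoor
# attempts (full form, shortened '%20' form, reordered parameters and upper case).
SAMPLE_LOG = """\
10.0.0.5 - - [05/Jun/2026:10:00:01 +0000] "GET /cgi-bin/login.cgi?username=eurek&password=eurek HTTP/1.1" 200 512
10.0.0.5 - - [05/Jun/2026:10:00:02 +0000] "GET /cgi-bin/login.cgi?username=eurek%20eurek HTTP/1.1" 200 512
10.0.0.7 - - [05/Jun/2026:10:00:03 +0000] "GET /cgi-bin/login.cgi?username=admin&password=Secret1 HTTP/1.1" 200 512
10.0.0.9 - - [05/Jun/2026:10:00:04 +0000] "GET /cgi-bin/login.cgi?password=eurek&username=EUREK HTTP/1.1" 403 128
10.0.0.9 - - [05/Jun/2026:10:00:05 +0000] "GET /index.html HTTP/1.1" 200 1024
"""


def is_backdoor_login(target):
    """True if the request target is login.cgi with the 'eurek' username.

    parse_qs URL-decodes the value, so the shortened form arrives as
    'eurek eurek'; splitting on whitespace and comparing the first token
    covers both forms. The comparison is case-insensitive so that an
    attempt is flagged even if the device itself would reject 'EUREK'.
    """
    parts = urlsplit(target)
    if parts.path != LOGIN_PATH:
        return False
    for value in parse_qs(parts.query, keep_blank_values=True).get("username", []):
        tokens = value.split()
        if tokens and tokens[0].lower() == BACKDOOR_USER:
            return True
    return False


def find_backdoor_logins(log_text):
    """Return (ip, timestamp, target, status) for every backdoor login attempt in the log."""
    hits = []
    for line in log_text.splitlines():
        match = CLF_RE.match(line)
        if match and is_backdoor_login(match["target"]):
            hits.append((match["ip"], match["ts"], match["target"], int(match["status"])))
    return hits


if __name__ == "__main__":
    for ip, ts, target, status in find_backdoor_logins(SAMPLE_LOG):
        print(f"{ts} {ip} -> {status} {target}")
```

The function flags attempts, not successes: the HTTP status is carried along so an analyst can separate a 200 from a rejected request. Only the GET form shown on the page is covered; if a client sent the same parameters in a POST body, the logging in front of the device would need to capture request bodies for this check to see them.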

Exploits (1)

exploitdb WRITEUP
by Parsa Rezaie Khiabanloo · text · hardware · multiple
https://www.exploit-db.com/exploits/52183


Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Netman 204 UPS panel
No auth needed
Prerequisites: Network access to the target UPS panel · Shodan or similar search tool to locate vulnerable devices
devstral-2 · analyzed Jun 06, 2026

References (3)

Core References
Exploit
Exploit-DB
https://www.exploit-db.com/exploits/52183
Third Party Advisory
VulnCheck Advisory: NetMan 204 Hard-coded Backdoor Credentials
https://www.vulncheck.com/advisories/netman-204-hard-coded-backdoor-credentials

Scores

CVSS v3 9.8
EPSS 0.0008 (0.08%)
EPSS Percentile 23.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-798
Status published
Products (1)
Riello UPS/NetMan 204
Published Jun 05, 2026
Tracked Since Jun 06, 2026