CVE-2025-7214

LOW

FNKvision FNK-GU2 <40.1.7 - Risky Cryptographic Algorithm

Title source: llm

Description

A vulnerability classified as problematic was found in FNKvision FNK-GU2 up to 40.1.7. Affected by this vulnerability is an unknown functionality of the file /etc/shadow of the component MD5. The manipulation leads to risky cryptographic algorithm. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

References (4)

Core 4

Core References

Permissions Required, VDB Entry vdb-entry

https://vuldb.com/?id.315163

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.315163

Permissions Required, VDB Entry third-party-advisory

https://vuldb.com/?submit.608027

Various Sources exploit

https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21

Scores

CVSS v3 1.6

EPSS 0.0009

EPSS Percentile 0.8%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-310 CWE-327

Status published

Products (8)

FNKvision/FNK-GU2 40.1.0

FNKvision/FNK-GU2 40.1.1

FNKvision/FNK-GU2 40.1.2

FNKvision/FNK-GU2 40.1.3

FNKvision/FNK-GU2 40.1.4

FNKvision/FNK-GU2 40.1.5

FNKvision/FNK-GU2 40.1.6

FNKvision/FNK-GU2 40.1.7

Published Jul 09, 2025

Tracked Since Feb 18, 2026