CNNVD-202508-3123 Information

CNNVD ID

CNNVD-202508-3123

Related CVE

CVE-2025-41702

• CNNVD Published: 2025-08-26

Description (Chinese)

Welotec EG400Mk2 series和Welotec EG500Mk2 series都是德国Welotec公司的一系列边缘IoT计算网关。 Welotec多款产品存在安全漏洞，该漏洞源于JWT密钥硬编码在egOS WebGUI后端，可能导致绕过身份验证和授权。以下产品受到影响：EG400Mk2-D11001-000101、EG503W、EG503L、EG503W_4GB等。

Description (English)

Welotec EG 400 Mk2 series and Welotec EG 500 Mk2 series are a series of edge IOT computing gateways for Welotec, Germany. There is a safety gap in a number of Welotec products, which stems from the fact that the JWT key code is at the back end of the egOS WebGUI, which may result in circumventing authentication and authorization. The following products were affected: EG400Mk2-D1110001-000101, EG503W, EG503L, EG503W 4GB, etc.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Welotec

Published

2025-08-26

Last Modified

2026-02-24

References

https://certvde.com/de/advisories/VDE-2025-076 https://nvd.nist.gov/vuln/detail/CVE-2025-41702