CNNVD-202510-2324 Information

CNNVD ID

CNNVD-202510-2324

Related CVE

CVE-2025-34519

• CNNVD Published: 2025-10-16

Description (Chinese)

Ilevia EVE X1 Server是意大利Ilevia公司的一款智能家居与楼宇自动化。 Ilevia EVE X1 Server 4.7.18.0.eden及之前版本存在安全漏洞，该漏洞源于使用无盐MD5哈希算法存储密码，可能导致离线字典攻击、彩虹表攻击或暴力破解攻击。

Description (English)

Ilevia EVE X1 Server is an intelligent home and building automation for Ilevia in Italy. Ilevia EVE X1 Server 4.7.18.0.eden and previous versions had a security loophole, which stemmed from the use of saltless MD5 Hashi algorithms to store passwords, which could lead to an offline dictionary attack, a rainbow watch attack or a violent breakout attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Ilevia

Published

2025-10-16

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/ilevia-eve-x1-server-insecure-hashing-algorithm https://www.ilevia.com/ https://access.redhat.com/security/cve/cve-2025-34519