CNNVD-202510-4368 Information

Oct 31, 2025 cve

CNNVD ID

CNNVD-202510-4368

CVE-2025-29270

CNNVD Published: 2025-10-31

Description (Chinese)

Deep Sea Electronics DSE855是英国Deep Sea Electronics公司的一个 USB 转以太网的通信设备。 Deep Sea Electronics DSE855 1.1.0版本至1.1.26版本存在安全漏洞，该漏洞源于realtime.cgi端点访问控制不当，可能导致攻击者获取管理员面板访问权限并完全控制设备。

Description (English)

Deep Sea Electronics DSE855 is a U.S.SB-to-Tethernet communication equipment of the British company Deep Sea Electronics. There is a security loophole between parts Deep Sea Electronics DSE 855.1.0 and 1.1.26, which stems from inadequate access controls at the realtime.cgi endpoint, which may lead the attackers to access the administrator panel and to complete control of the equipment.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Deep Sea Electronics

Published

2025-10-31

Last Modified

2026-02-24

References

https://blog.byteray.co.uk/shadow-entry-discovery-of-authentication-bypass-vulnerability-in-dse855-communications-device-938e35d4b361 https://access.redhat.com/security/cve/cve-2025-29270

Share on: