{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-26411", "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "state": "PUBLISHED", "assignerShortName": "SEC-VLab", "dateReserved": "2025-02-10T07:48:38.352Z", "datePublished": "2025-02-11T09:21:16.571Z", "dateUpdated": "2025-03-14T17:16:02.468Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "Wattsense Bridge", "vendor": "Wattsense", "versions": [{"lessThan": "6.1.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Constantin Schieber-Kn\u00f6bl | SEC Consult Vulnerability Lab"}, {"lang": "en", "type": "finder", "value": "Stefan Schweighofer | SEC Consult Vulnerability Lab"}, {"lang": "en", "type": "finder", "value": "Steffen Robertz | SEC Consult Vulnerability Lab"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web interface to be able to conduct this attack. This issue is fixed in recent firmware versions BSP >= 6.1.0."}], "value": "An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web interface\u00a0to be able to conduct this attack. This issue is fixed in recent firmware versions BSP >= 6.1.0."}], "impacts": [{"capecId": "CAPEC-175", "descriptions": [{"lang": "en", "value": "CAPEC-175 Code Inclusion"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab", "dateUpdated": "2025-02-11T09:21:16.571Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://r.sec-consult.com/wattsense"}, {"tags": ["release-notes"], "url": "https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This issue is fixed in recent firmware versions BSP >= 6.1.0."}], "value": "This issue is fixed in recent firmware versions BSP >= 6.1.0."}], "source": {"discovery": "EXTERNAL"}, "title": "Authenticated Arbitrary Python File Upload via Plugin Manager", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-02-11T14:33:44.192168Z", "id": "CVE-2025-26411", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-14T17:16:02.468Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-26411", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-11T14:33:44.192168Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-11T14:34:26.418Z"}}], "cna": {"title": "Authenticated Arbitrary Python File Upload via Plugin Manager", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Constantin Schieber-Kn\u00f6bl | SEC Consult Vulnerability Lab"}, {"lang": "en", "type": "finder", "value": "Stefan Schweighofer | SEC Consult Vulnerability Lab"}, {"lang": "en", "type": "finder", "value": "Steffen Robertz | SEC Consult Vulnerability Lab"}], "impacts": [{"capecId": "CAPEC-175", "descriptions": [{"lang": "en", "value": "CAPEC-175 Code Inclusion"}]}], "affected": [{"vendor": "Wattsense", "product": "Wattsense Bridge", "versions": [{"status": "affected", "version": "0", "lessThan": "6.1.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "solutions": [{"lang": "en", "value": "This issue is fixed in recent firmware versions BSP >= 6.1.0.", "supportingMedia": [{"type": "text/html", "value": "This issue is fixed in recent firmware versions BSP >= 6.1.0.", "base64": false}]}], "references": [{"url": "https://r.sec-consult.com/wattsense", "tags": ["third-party-advisory"]}, {"url": "https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes", "tags": ["release-notes"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web interface\u00a0to be able to conduct this attack. This issue is fixed in recent firmware versions BSP >= 6.1.0.", "supportingMedia": [{"type": "text/html", "value": "An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web interface to be able to conduct this attack. This issue is fixed in recent firmware versions BSP >= 6.1.0.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab", "dateUpdated": "2025-02-11T09:21:16.571Z"}}}, "cveMetadata": {"cveId": "CVE-2025-26411", "state": "PUBLISHED", "dateUpdated": "2025-03-14T17:16:02.468Z", "dateReserved": "2025-02-10T07:48:38.352Z", "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "datePublished": "2025-02-11T09:21:16.571Z", "assignerShortName": "SEC-VLab"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the Wattsense web interface\u00a0to be able to conduct this attack. This issue is fixed in recent firmware versions BSP >= 6.1.0."}, {"lang": "es", "value": "Un atacante autenticado puede usar el Administrador de complementos de la interfaz web de los dispositivos Wattsense Bridge para cargar archivos Python maliciosos en el dispositivo. Esto le permite a un atacante obtener acceso remoto a la ra\u00edz del dispositivo. Un atacante necesita una cuenta de usuario v\u00e1lida en la interfaz web de Wattsense para poder llevar a cabo este ataque. Este problema se solucion\u00f3 en las versiones recientes de firmware BSP >= 6.1.0."}], "id": "CVE-2025-26411", "lastModified": "2025-03-14T18:15:31.947", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-02-11T10:15:09.973", "references": [{"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "url": "https://r.sec-consult.com/wattsense"}, {"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "url": "https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes"}], "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "type": "Secondary"}]}

{}