CVE-2025-44643

{"id": "CVE-2025-44643", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 3.9}]}, "published": "2025-08-04T15:15:32.197", "references": [{"url": "http://draytek.com", "source": "[email protected]"}, {"url": "https://www.notion.so/Misconfiguration-in-Draytek-AP903-23a54a1113e780aca7f2d21dbdab9db8", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-276"}, {"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with network access could exploit this to gain unauthorized control over the routing daemon, potentially altering network routes or intercepting traffic."}, {"lang": "es", "value": "Algunos productos Draytek se ven afectados por la configuraci\u00f3n insegura. Esto afecta a AP903 v1.4.18, AP912C v1.4.9 y AP918R v1.4.9. La configuraci\u00f3n de la propiedad de contrase\u00f1a en el archivo de configuraci\u00f3n ripd.conf establece una contrase\u00f1a d\u00e9bil y mal configurada, lo que supone un riesgo de seguridad. Un atacante con acceso a la red podr\u00eda aprovechar esto para obtener control no autorizado sobre el daemon de enrutamiento, alterando potencialmente las rutas de red o interceptando el tr\u00e1fico."}], "lastModified": "2025-08-05T14:34:17.327", "sourceIdentifier": "[email protected]"}