CVE-2025-69929
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk32th percentile - higher than 32% of all known CVEs
Summary
A vulnerability in N3uron Web User Interface version 1.21.7-240207.1047 allows a remote attacker to escalate privileges by hashing passwords on the client side using the MD5 algorithm over a predictable string format.
Risk Assessment
An attacker can gain unauthorized access to higher-privileged accounts, potentially leading to system compromise and data confidentiality breaches.
Recommendation
Immediately update N3uron Web User Interface to the latest version and implement server-side password hashing using a strong algorithm (e.g., bcrypt).
Original NVD description (English source)
An issue in N3uron Web User Interface v.1.21.7-240207.1047 allows a remote attacker to escalate privileges via the password hashing on the client side using the MD5 algorithm over a predictable string format

