CVE-2025-2766HIGH 8.8EPSS p21.5%

CVE-2025-2766CVE-2025-2766

Description

70mai A510 Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of 70mai A510. Authentication is not required to exploit this vulnerability. The specific flaw exists within the default configuration of user accounts. The configuration contains default password. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of the root. Was ZDI-CAN-24996.

Scoring

CVSS 3.08.8 (HIGH)
VectorCVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.30% probability of exploitation · percentile 21.5% · 2026-06-18T12:00:27Z
Published2025-06-06
Last modified2025-08-18

Underlying weaknesses· 1

CWE-1393

References

  1. https://www.zerodayinitiative.com/advisories/ZDI-25-180/

1

TypeTargetConfidenceTier
WeaknessUse of Default Passwordcwe-13930%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-6529
CVE
CVE-2025-11943
CVE
CVE-2026-35075
CVE
CVE-2026-22910
CVE
CVE-2025-1960
CVE
CVE-2025-30026
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.