CVE-2025-34034HIGH 8.8EPSS p42.4%

CVE-2025-34034CVE-2025-34034

Description

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device’s web interface. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-26 UTC.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.56% probability of exploitation · percentile 42.4% · 2026-06-19T12:03:05Z
Published2025-06-24
Last modified2025-11-20

Underlying weaknesses· 1

CWE-798

References

  1. https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentials
  2. https://www.exploit-db.com/exploits/46792
  3. https://www.exploit-db.com/exploits/46792

1

TypeTargetConfidenceTier
WeaknessUse of Hard-coded Credentialscwe-7980%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-34033
CVE
CVE-2025-1393
CVE
CVE-2026-35075
CVE
CVE-2025-12176
CVE
CVE-2025-3499
CVE
CVE-2025-40805
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.