CVEs-PoC/2025/CVE-2025-0626.md at 4e4e30233e70832d643d5c6ab6fbfa6f130b4bb1

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-30 04:59:31 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to update the device from the user menu. This could serve as a backdoor to the device, and could lead to a malicious actor being able to upload and overwrite files on the device.

POC

Reference

https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/

Github

No PoCs found on GitHub currently.

1.1 KiB Raw Blame History

CVE-2025-0626

Description

POC

Reference

Github

1.1 KiB

Raw Blame History