{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-9576", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-08-28T11:09:55.094Z", "datePublished": "2025-08-28T18:02:08.263Z", "dateUpdated": "2025-08-28T18:23:48.501Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-28T18:02:08.263Z"}, "title": "seeedstudio ReSpeaker Administrative shadow default credentials", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-1392", "lang": "en", "description": "Use of Default Credentials"}]}], "affected": [{"vendor": "seeedstudio", "product": "ReSpeaker", "versions": [{"version": "LinkIt7688", "status": "affected"}], "modules": ["Administrative Interface"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "In seeedstudio ReSpeaker LinkIt7688 wurde eine Schwachstelle gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei /etc/shadow der Komponente Administrative Interface. Die Ver\u00e4nderung resultiert in use of default credentials. Der Angriff erfordert einen lokalen Zugriff. Das Durchf\u00fchren eines Angriffs ist mit einer relativ hohen Komplexit\u00e4t verbunden. Die Ausnutzung wird als schwierig beschrieben. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 2, "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "LOW"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 2.5, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 2.5, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1, "vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2025-08-28T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-08-28T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-08-28T13:15:00.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "lxyilu (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.321690", "name": "VDB-321690 | seeedstudio ReSpeaker Administrative shadow default credentials", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.321690", "name": "VDB-321690 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.636068", "name": "Submit #636068 | seeedstudio ReSpeaker Core - Based On MT7688 and OpenWRT ramips-openwrt-LinkIt7688 Insecure Storage of Sensitive Information", "tags": ["third-party-advisory"]}, {"url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md", "tags": ["related"]}, {"url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md#steps-to-reproduce", "tags": ["exploit"]}]}, "adp": [{"references": [{"url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md", "tags": ["exploit"]}, {"url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md#steps-to-reproduce", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-28T18:23:45.673388Z", "id": "CVE-2025-9576", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-28T18:23:48.501Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9576", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-28T18:23:45.673388Z"}}}], "references": [{"url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md", "tags": ["exploit"]}, {"url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md#steps-to-reproduce", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-28T18:23:41.164Z"}}], "cna": {"title": "seeedstudio ReSpeaker Administrative shadow default credentials", "credits": [{"lang": "en", "type": "reporter", "value": "lxyilu (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 2, "baseSeverity": "LOW", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 2.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 2.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1, "vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "seeedstudio", "modules": ["Administrative Interface"], "product": "ReSpeaker", "versions": [{"status": "affected", "version": "LinkIt7688"}]}], "timeline": [{"lang": "en", "time": "2025-08-28T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-08-28T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-08-28T13:15:00.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.321690", "name": "VDB-321690 | seeedstudio ReSpeaker Administrative shadow default credentials", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.321690", "name": "VDB-321690 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.636068", "name": "Submit #636068 | seeedstudio ReSpeaker Core - Based On MT7688 and OpenWRT ramips-openwrt-LinkIt7688 Insecure Storage of Sensitive Information", "tags": ["third-party-advisory"]}, {"url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md", "tags": ["related"]}, {"url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md#steps-to-reproduce", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "In seeedstudio ReSpeaker LinkIt7688 wurde eine Schwachstelle gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei /etc/shadow der Komponente Administrative Interface. Die Ver\u00e4nderung resultiert in use of default credentials. Der Angriff erfordert einen lokalen Zugriff. Das Durchf\u00fchren eines Angriffs ist mit einer relativ hohen Komplexit\u00e4t verbunden. Die Ausnutzung wird als schwierig beschrieben. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1392", "description": "Use of Default Credentials"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-28T18:02:08.263Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9576", "state": "PUBLISHED", "dateUpdated": "2025-08-28T18:23:48.501Z", "dateReserved": "2025-08-28T11:09:55.094Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-08-28T18:02:08.263Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:seeedstudio:linkit_smart_7688_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C143F9CE-FCEA-4374-8863-BC12E79DD74E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:seeedstudio:linkit_smart_7688:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BAD5064-27E6-4A5B-A847-578DC0077993", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2025-9576", "lastModified": "2025-09-09T19:13:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 1.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 1.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.0, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-08-28T18:15:34.810", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md"}, {"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md#steps-to-reproduce"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.321690"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.321690"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.636068"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/XXRicardo/iot-cve/blob/main/seeedstudio/ramips-openwrt-LinkIt7688.md#steps-to-reproduce"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1392"}], "source": "cna@vuldb.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}