CVE-2025-25037

An information disclosure vulnerability exists in Aquatronica Controller System firmware versions <= 5.1.6 and web interface versions <= 2.0. The tcp.php endpoint fails to restrict unauthenticated access, allowing remote attackers to issue crafted POST requests and retrieve sensitive configuration data, including plaintext administrative credentials. Exploitation of this flaw can lead to full compromise of the system, enabling unauthorized manipulation of connected devices and aquarium parameters.

CVSS

No CVSS.

References

Link	Resource
https://fortiguard.fortinet.com/encyclopedia/ips/56008
https://vulncheck.com/advisories/aquatronica-controller-system-credential-leak
https://www.aquatronica.com
https://www.exploit-db.com/exploits/52028
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5824.php

Configurations

No configuration.

History

23 Jun 2025, 20:16

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de divulgación de información en las versiones de firmware de Aquatronica Controller System anteriores a la 5.1.6 y anteriores a la 2.0 de la interfaz web. El endpoint tcp.php no restringe el acceso no autenticado, lo que permite a atacantes remotos emitir solicitudes POST manipuladas y recuperar datos de configuración confidenciales, incluyendo credenciales administrativas en texto plano. La explotación de esta vulnerabilidad puede comprometer por completo el sistema, lo que permite la manipulación no autorizada de los dispositivos conectados y los parámetros del acuario.

20 Jun 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-20 19:15

Updated : 2025-06-23 20:16

NVD link : CVE-2025-25037

Mitre link : CVE-2025-25037

CVE.ORG link : CVE-2025-25037

JSON object : View

Products Affected

No product.

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2025-25037", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-20T19:15:35.870", "references": [{"url": "https://fortiguard.fortinet.com/encyclopedia/ips/56008", "source": "disclosure@vulncheck.com"}, {"url": "https://vulncheck.com/advisories/aquatronica-controller-system-credential-leak", "source": "disclosure@vulncheck.com"}, {"url": "https://www.aquatronica.com", "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/52028", "source": "disclosure@vulncheck.com"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5824.php", "source": "disclosure@vulncheck.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in Aquatronica Controller System firmware versions <= 5.1.6 and web interface versions <= 2.0. The tcp.php endpoint fails to restrict unauthenticated access, allowing remote attackers to issue crafted POST requests and retrieve sensitive configuration data, including plaintext administrative credentials. Exploitation of this flaw can lead to full compromise of the system, enabling unauthorized manipulation of connected devices and aquarium parameters."}, {"lang": "es", "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en las versiones de firmware de Aquatronica Controller System anteriores a la 5.1.6 y anteriores a la 2.0 de la interfaz web. El endpoint tcp.php no restringe el acceso no autenticado, lo que permite a atacantes remotos emitir solicitudes POST manipuladas y recuperar datos de configuraci\u00f3n confidenciales, incluyendo credenciales administrativas en texto plano. La explotaci\u00f3n de esta vulnerabilidad puede comprometer por completo el sistema, lo que permite la manipulaci\u00f3n no autorizada de los dispositivos conectados y los par\u00e1metros del acuario."}], "lastModified": "2025-06-23T20:16:21.633", "sourceIdentifier": "disclosure@vulncheck.com"}