Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access hardcoded administrator credentials.
References
Link | Resource |
---|---|
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28230 | Exploit Third Party Advisory |
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28230 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
09 Jul 2025, 17:20
Type | Values Removed | Values Added |
---|---|---|
First Time |
Jmbroadcast
Jmbroadcast jmb0150 Jmbroadcast jmb0150 Firmware |
|
References | () https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28230 - Exploit, Third Party Advisory | |
CPE | cpe:2.3:h:jmbroadcast:jmb0150:-:*:*:*:*:*:*:* cpe:2.3:o:jmbroadcast:jmb0150_firmware:1.0:*:*:*:*:*:*:* |
22 Apr 2025, 15:16
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
CWE | CWE-798 | |
References | () https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28230 - | |
Summary |
|
21 Apr 2025, 14:23
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-04-18 15:15
Updated : 2025-07-09 17:20
NVD link : CVE-2025-28230
Mitre link : CVE-2025-28230
CVE.ORG link : CVE-2025-28230
JSON object : View
Products Affected
jmbroadcast
- jmb0150
- jmb0150_firmware
CWE
CWE-798
Use of Hard-coded Credentials