CVE-2025-25613 — HIGH (7.5)

Q: How severe is CVE-2025-25613?

CVE-2025-25613 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-25613?

Check the references section above for vendor advisories and patch information. Affected products include: Fs S3150-8T2F Firmware, Fs S3150-8T2F.

Vulnerability Description

FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. All versions before 2.2.0D Build 135103 were discovered to transmit cookies for their web based administrative application containing usernames and passwords. These were transmitted in cleartext using simple base64 encoding during every POST request made to the server.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Fs	S3150-8T2F Firmware	< 2.2.0D
Fs	S3150-8T2F	-

Related Weaknesses (CWE)

CWE-312

References

http://fs.comProduct
http://s3150-8t2f.comBroken Link
https://github.com/SwiftSecur/S3150-8T2F-FS.com-Research/wikiExploitThird Party Advisory

FAQ

What is CVE-2025-25613?

CVE-2025-25613 is a vulnerability with a CVSS score of 7.5 (HIGH). FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. All versions before 2.2.0D Build 135103 were discovered to transmit cookies for their web based admin...

How severe is CVE-2025-25613?

CVE-2025-25613 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-25613?

Check the references section above for vendor advisories and patch information. Affected products include: Fs S3150-8T2F Firmware, Fs S3150-8T2F.