CVE-2025-34034

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-34034
A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device’s web interface.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentials Third Party Advisory
https://www.exploit-db.com/exploits/46792 Exploit Third Party Advisory
https://www.exploit-db.com/exploits/46792 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:5vtechnologies:blue_angel_software_suite:*:*:*:*:*:*:*:*
History

09 Jul 2025, 19:09

Type Values Removed Values Added
First Time 5vtechnologies blue Angel Software Suite
5vtechnologies
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.8
References () https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentials - () https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentials - Third Party Advisory
References () https://www.exploit-db.com/exploits/46792 - () https://www.exploit-db.com/exploits/46792 - Exploit, Third Party Advisory
CPE cpe:2.3:a:5vtechnologies:blue_angel_software_suite:*:*:*:*:*:*:*:*

26 Jun 2025, 18:58

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad de credenciales codificada en Blue Angel Software Suite, implementada en sistemas Linux incorporados. La aplicación contiene varias cuentas de usuario predeterminadas y codificadas que no se divulgan en la documentación pública. Estas cuentas permiten a atacantes no autenticados o con pocos privilegios obtener acceso administrativo a la interfaz web del dispositivo.

24 Jun 2025, 22:15

Type Values Removed Values Added
References () https://www.exploit-db.com/exploits/46792 - () https://www.exploit-db.com/exploits/46792 -

24 Jun 2025, 03:15

Type Values Removed Values Added
References
  • {'url': 'https://vulncheck.com/advisories/blue-angel-software-suite-command-injection-default-credentials', 'source': 'disclosure@vulncheck.com'}
  • () https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentials -

24 Jun 2025, 01:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-24 01:15

Updated : 2025-07-09 19:09

NVD link : CVE-2025-34034

Mitre link : CVE-2025-34034

CVE.ORG link : CVE-2025-34034

JSON object : View

Products Affected

5vtechnologies

  • blue_angel_software_suite
CWE
CWE-798

Use of Hard-coded Credentials