CVE-2025-10204
published 2025-09-14


Priority: P1 (81) · Severity: High, 7.1 (CVSS 4.0)
Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Tags: ITW EXPLOIT · VulnCheck KEV · Exploited in the wild
EPSS: 0.45% (35.9th percentile)
A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. The login page contains a hidden form for resetting the administrator password. An attacker can manipulate the page using browser developer tools to display and use the form. The form allows the administrator password to be changed without verifying login status or user permissions.

Affected (1 range)

Vendor: lg_electronics · Product: ac_smart_ii · Version range: not listed · Fixed in: not listed

Detection & IOCs (extracted from sources)

url: /Doc/WebLogin.asp
path: /Doc/WebLogin.asp
  • Use Shodan or FOFA to identify exposed AC Smart II instances via the fingerprint string 'Doc/WebLogin.asp' in the HTML body.
  • The hidden password reset form (div_admin_pwd) can be revealed via browser developer tools and submitted without any authentication or session validation, allowing an unauthenticated administrator password reset.
  • The hidden password reset form is embedded directly in the login page (/Doc/WebLogin.asp) with CSS visibility:hidden. No authentication or session token is required to submit it, so exploitation requires only network access to the device (the CVSS vector rates the attack vector as Adjacent, AV:A).
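The detection notes above, as an added example that is not code from this page, VulnCheck, or LG: a passive Python check that takes the login page body (fetched, or handed in) and reports the two indicators the advisory names, the 'Doc/WebLogin.asp' fingerprint string and a div_admin_pwd element hidden with CSS, plus whatever form action and input names sit inside that div, so they can be recorded and re-checked after a firmware update. It never submits the form. The sample HTML, its /constructed/ form action and the example_new_pwd field are constructed test data; the advisory does not give the form's action or field names, and those in the sample are placeholders, not values taken from a device.

```python
"""Passive exposure check for CVE-2025-10204 (LG AC Smart II).

Added example, not the page's, VulnCheck's or LG's code. It checks the two
indicators the advisory names: the string 'Doc/WebLogin.asp' in the HTML
body and a <div id="div_admin_pwd"> hidden via CSS. It never submits the
form. The form action and input names in SAMPLE_LOGIN_PAGE are constructed
test data; the advisory does not give them.
"""
from html.parser import HTMLParser
from urllib.request import Request, urlopen

FINGERPRINT = "Doc/WebLogin.asp"      # from the advisory's detection notes
HIDDEN_DIV_ID = "div_admin_pwd"       # from the advisory's detection notes
VOID_TAGS = {"input", "br", "img", "meta", "link", "hr"}


class _HiddenFormScanner(HTMLParser):
    """Finds the div_admin_pwd element and records what its form would submit."""

    def __init__(self):
        super().__init__()
        self.seen = False              # div_admin_pwd encountered at all
        self.css_hidden = False        # hidden via inline style, as the advisory describes
        self.form_actions = []         # action= of any <form> inside the div
        self.input_names = []          # name= of any <input> inside the div
        self._stack = []               # open tags while inside the div; empty == outside

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if not self._stack:
            if tag == "div" and a.get("id") == HIDDEN_DIV_ID:
                self.seen = True
                style = (a.get("style") or "").replace(" ", "").lower()
                # visibility:hidden is what the advisory names; display:none is
                # an assumed variant, not something the advisory reports.
                self.css_hidden = "visibility:hidden" in style or "display:none" in style
                self._stack.append(tag)
            return
        if tag not in VOID_TAGS:
            self._stack.append(tag)
        if tag == "form":
            self.form_actions.append(a.get("action") or "")
        elif tag == "input" and a.get("name"):
            self.input_names.append(a["name"])

    def handle_endtag(self, tag):
        if self._stack and tag in self._stack:
            while self._stack.pop() != tag:   # unwind to the matching open tag
                pass


def assess(html: str) -> dict:
    """Return the advisory's indicators for one fetched login page body."""
    scanner = _HiddenFormScanner()
    scanner.feed(html)
    scanner.close()
    fingerprint = FINGERPRINT in html
    return {
        "fingerprint": fingerprint,
        "hidden_div_present": scanner.seen,
        "hidden_div_css_hidden": scanner.css_hidden,
        "form_actions": scanner.form_actions,
        "input_names": scanner.input_names,
        # both advisory indicators together: looks like an unpatched AC Smart II
        "likely_exposed": fingerprint and scanner.seen,
    }


def fetch_and_assess(base_url: str, timeout: float = 5.0) -> dict:
    """GET the login page of a device you are authorised to test and assess it."""
    req = Request(base_url.rstrip("/") + "/" + FINGERPRINT,
                  headers={"User-Agent": "cve-2025-10204-exposure-check"})
    with urlopen(req, timeout=timeout) as resp:
        return assess(resp.read().decode("utf-8", "replace"))


# Constructed sample of what the login page is described to contain. The
# /constructed/ action and example_new_pwd field are placeholders, not real.
SAMPLE_LOGIN_PAGE = """<html><body>
<form action="/Doc/WebLogin.asp" method="post">
  <input name="user"><input name="pass" type="password">
</form>
<div id="div_admin_pwd" style="visibility: hidden">
  <form action="/constructed/reset_example.asp" method="post">
    <input name="example_new_pwd" type="password">
    <input type="submit" value="OK">
  </form>
</div>
</body></html>"""

if __name__ == "__main__":
    for key, value in assess(SAMPLE_LOGIN_PAGE).items():
        print(f"{key}: {value}")
```

For the Shodan step the same HTML-body fingerprint is the `http.html:"Doc/WebLogin.asp"` filter, and on FOFA `body="Doc/WebLogin.asp"`; run `fetch_and_assess` only against hosts you are authorised to test, and treat a page where `hidden_div_present` is False after an update as the signal that the vendor removed the form rather than merely restyled it.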

CVSS provenance

NVD: CVSS v4.0, 7.1 HIGH, vector CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
VulnCheck: 7.1 HIGH