CVE-2025-28228
published 2025-04-18CVE-2025-28228: A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2 allows unauthorized…
PriorityP352high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
1.58%
72.5th percentile
A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2 allows unauthorized attackers to access credentials in plaintext.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Electrolink FM/DAB/TV Transmitter - Credentials Disclosure
nuclei·CVSS 7.5
CVE-2025-28228 [HIGH] Electrolink FM/DAB/TV Transmitter - Credentials Disclosure
Electrolink FM/DAB/TV Transmitter - Credentials Disclosure
A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2 allows unauthorized attackers to access credentials in plaintext.
Template:
id: CVE-2025-28228
info:
name: Electrolink FM/DAB/TV Transmitter - Credentials Disclosure
author: DhiyaneshDk
severity: high
description: |
A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2 allows unauthorized attackers to access credentials in plaintext.
impact: |
Unauthenticated attackers can access plaintext credentials through the controlloLogin.js file, potentially gaining unauthorized access to Electrolink transmitter man
No writeups or analysis indexed.
2025-04-18
Published