CVE-2025-46275
published 2025-04-24CVE-2025-46275: WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could allow an attacker to create an administrator account without knowing any existing…
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.49%
38.6th percentile
WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could
allow an attacker to create an administrator account without knowing any
existing credentials.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| planet_technology | wgs-4215-8t2s | <= 1.305b241115 | — |
| planet_technology | wgs-804hpt-v2 | <= 2.305b250121 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2025-46275 affects WGS-804HPT-V2 (versions 2.305b250121 and prior) and WGS-4215-8T2S (versions 1.305b241115 and prior); detect unauthenticated POST/GET requests to administrator account creation endpoints on these devices with no session/auth token present ↗
- →Alert on any new administrator account creation events on WGS-804HPT-V2 or WGS-4215-8T2S devices, especially those not preceded by an authenticated session, as the vulnerability allows account creation without any prior credentials ↗
- →These devices should not be internet-facing; detect and alert on any direct inbound connections to management interfaces of WGS-804HPT-V2 or WGS-4215-8T2S from external/untrusted networks, as exploitation requires no authentication and is remotely exploitable with low complexity ↗
- ·CVE-2025-46275 is one of five related vulnerabilities (CVE-2025-46271 through CVE-2025-46275) affecting Planet Technology network products; ensure detections and mitigations cover the full set, including OS command injection (CVE-2025-46271, CVE-2025-46272) and hard-coded credentials (CVE-2025-46273, CVE-2025-46274) ↗
- ·Affected firmware versions for CVE-2025-46275: WGS-804HPT-V2 versions 2.305b250121 and prior; WGS-4215-8T2S versions 1.305b241115 and prior. Patches have been released by Planet Technology for both devices. ↗
- ·No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at the time of advisory publication (April 24, 2025) ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Planet Technology Network Products
cisa_ics·2025-04-24·CVSS 9.1
[CRITICAL] Planet Technology Network Products
ICS Advisory
##
Planet Technology Network Products
Release DateApril 24, 2025
Alert CodeICSA-25-114-06
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/Low attack complexity
- Vendor: Planet Technology
- Equipment: Planet Technology Network Products
- Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Use of Hard-coded Credentials, Missing Authentication for Critical Function
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to read or manipulate device data, gain administrative privileges, or alter database entries.
## 3. TECHNICAL D
GHSA
GHSA-2vgj-6cm5-qr57: WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could
allow an attacker to create an administrator account without knowing any
existing
ghsa_unreviewed·2025-04-25
CVE-2025-46275 [CRITICAL] CWE-306 GHSA-2vgj-6cm5-qr57: WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could
allow an attacker to create an administrator account without knowing any
existing
WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could
allow an attacker to create an administrator account without knowing any
existing credentials.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-04-24
Published