SB2025032625 - Multiple vulnerabilities in BEC Technologies Routers

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Cleartext storage of sensitive information (CVE-ID: CVE-2025-2770)

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to cleartext storage of sensitive information within the web-based user interface. A remote administrator can disclose stored credentials.

2) OS Command Injection (CVE-ID: CVE-2025-2773)

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation within the management interface. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

3) Insufficiently protected credentials (CVE-ID: CVE-2025-2772)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficiently protected credentials within /cgi-bin/tools_usermanage.asp. A remote attacker on the local network can disclose transported credentials.

4) Improper Authentication (CVE-ID: CVE-2025-2771)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error when processing authentication requests within the web-based user interface. A remote attacker can bypass authentication process and gain unauthorized access to the application.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• https://www.zerodayinitiative.com/advisories/ZDI-25-186/
• https://www.zerodayinitiative.com/advisories/ZDI-25-187/
• https://www.zerodayinitiative.com/advisories/ZDI-25-185/
• https://www.zerodayinitiative.com/advisories/ZDI-25-184/