Main Vulnerability Database Vulnerabilities #VU103224

Inclusion of Undocumented Features or Chicken Bits in UD-LT2 - CVE-2025-22450

Published: January 22, 2025

Vulnerability identifier: #VU103224

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2025-22450

CWE-ID: CWE-1242

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: I-O DATA

Affected software:
UD-LT2

Detailed vulnerability description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to inclusion of undocumented features. A remote attacker can disable the LAN-side firewall function and open specific ports.

How to mitigate CVE-2025-22450

Install updates from vendor's website.

Sources

https://jvn.jp/en/jp/JVN15293958/index.html
https://www.iodata.jp/support/information/2025/01_ud-lt2/index.htm

Inclusion of Undocumented Features or Chicken Bits in UD-LT2 - CVE-2025-22450

Detailed vulnerability description

How to mitigate CVE-2025-22450

Sources

Please verify you're human