VYPR
Medium severity6.5NVD Advisory· Published May 21, 2025· Updated Apr 15, 2026

CVE-2025-27803

CVE-2025-27803

Description

The devices do not implement any authentication for the web interface or the MQTT server. An attacker who has network access to the device immediately gets administrative access to the devices and can perform arbitrary administrative actions and reconfigure the devices or potentially gain access to sensitive data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.