Unrated severityNVD Advisory· Published May 19, 2025· Updated May 19, 2025

CVE-2025-28371

Description

EnGenius ENH500 AP 2T2R V3.0 FW3.7.22 is vulnerable to Incorrect Access Control via the password change function. The device fails to validate the current password, allowing an attacker to submit a password change request with an invalid current password and set a new password.

Affected products

EnGenius/ENH500 APdescription
EnGenius/ENH500 AP 2T2R V3.0llm-create
Range: FW3.7.22

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

drive.google.com/file/d/1kQFOyFQYycKynIBjbU8bMx2gYTG3Bxi2/viewmitre
pastebin.com/raw/EnL1XT2nmitre
pastebin.com/raw/hziq1nGHmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000