VYPR

Wattsense Bridge

by Wattsense

CVEs (2)

  • CVE-2025-26411HigFeb 11, 2025
    risk 0.57cvss 8.8epss 0.01

    An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the…

  • CVE-2025-26409MedFeb 11, 2025
    risk 0.44cvss 6.8epss 0.00

    A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This…