CVE-2025-5484 – SinoTrack Default Password Vulnerability (Weak Authentication)

CVE ID : CVE-2025-5484

Published : June 12, 2025, 8:15 p.m. | 45 minutes ago

Description : A username and password are required to authenticate to the central
SinoTrack device management interface. The username for all devices is
an identifier printed on the receiver. The default password is
well-known and common to all devices. Modification of the default
password is not enforced during device setup. A malicious actor can
retrieve device identifiers with either physical access or by capturing
identifiers from pictures of the devices posted on publicly accessible
websites such as eBay.

Severity: 8.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…