{"id":65006,"date":"2025-06-13T01:31:40","date_gmt":"2025-06-12T22:01:40","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-5484-sinotrack-default-password-vulnerability-weak-authentication\/"},"modified":"2025-06-13T01:31:40","modified_gmt":"2025-06-12T22:01:40","slug":"cve-2025-5484-sinotrack-default-password-vulnerability-weak-authentication","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-5484-sinotrack-default-password-vulnerability-weak-authentication\/","title":{"rendered":"CVE-2025-5484 &#8211; SinoTrack Default Password Vulnerability (Weak Authentication)"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-5484<br \/>\n<br \/>\n<strong>Published : <\/strong> June 12, 2025, 8:15 p.m. | 45\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>A username and password are required to authenticate to the central<br \/>\nSinoTrack device management interface. The username for all devices is<br \/>\nan identifier printed on the receiver. The default password is<br \/>\nwell-known and common to all devices. Modification of the default<br \/>\npassword is not enforced during device setup. A malicious actor can<br \/>\nretrieve device identifiers with either physical access or by capturing<br \/>\nidentifiers from pictures of the devices posted on publicly accessible<br \/>\nwebsites such as eBay.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 8.3 | HIGH<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-5484 Published : June 12, 2025, 8:15 p.m. | 45\u00a0minutes ago Description : A username and password are required to authenticate to the central SinoTrack device management interface. The username for all devices is an identifier printed on the receiver. The default password is well-known and common to all devices. Modification of &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-65006","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/65006","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=65006"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/65006\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=65006"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=65006"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=65006"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}