{"id":67992,"date":"2025-08-13T16:31:46","date_gmt":"2025-08-13T13:01:46","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-54464-zkteco-wl20-unencrypted-credentials-storage\/"},"modified":"2025-08-13T16:31:46","modified_gmt":"2025-08-13T13:01:46","slug":"cve-2025-54464-zkteco-wl20-unencrypted-credentials-storage","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-54464-zkteco-wl20-unencrypted-credentials-storage\/","title":{"rendered":"CVE-2025-54464 &#8211; ZKTeco WL20 Unencrypted Credentials Storage"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-54464<br \/>\n<br \/>\n<strong>Published : <\/strong> Aug. 13, 2025, 12:15 p.m. | 31\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted credentials stored in the firmware of targeted device.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 0.0 | NA<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-54464 Published : Aug. 13, 2025, 12:15 p.m. | 31\u00a0minutes ago Description : This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-67992","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/67992","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=67992"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/67992\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=67992"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=67992"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=67992"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}