CVE-2025-14126 | TOZED ZLT M30S/ZLT M30S PRO 1.47/3.09.06 Web Interface hard-coded credentials

Inserito da Angelo Barbosa | Dic 5, 2025 | CVE

A vulnerability was found in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06 and classified as critical. Affected is an unknown function of the component Web Interface. Such manipulation leads to hard-coded credentials.

This vulnerability is referenced as CVE-2025-14126. The attack needs to be initiated within the local network. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-14126 | TOZED ZLT M30S/ZLT M30S PRO 1.47/3.09.06 Web Interface hard-coded credentials

Post correlati

CVE-2025-11735 | HUSKY Plugin up to 1.3.7.1 on WordPress phrase sql injection

CVE-2024-7691 | Flaming Forms Plugin up to 1.0.1 on WordPress cross site scripting

CVE-2024-0379 | Custom Twitter Feeds Plugin up to 2.2.1 on WordPress Options Update cross-site request forgery

CVE-2025-25776 | Codeastro Bus Ticket Booking System 1.0 User Registration Full Name/Address cross site scripting