CVE-2025-28228

A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2 allows unauthorized attackers to access credentials in plaintext.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28228
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28228

Configurations

No configuration.

History

22 Apr 2025, 15:16

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de exposición de credenciales en Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, y Display v1.4, v1.2 permite a atacantes no autorizados acceder a credenciales en texto sin formato.
CWE		CWE-522
References	~~() https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28228 -~~	() https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28228 -
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5

21 Apr 2025, 14:23

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-18 15:15

Updated : 2025-04-22 15:16

NVD link : CVE-2025-28228

Mitre link : CVE-2025-28228

CVE.ORG link : CVE-2025-28228

JSON object : View

Products Affected

No product.

CWE

CWE-522

Insufficiently Protected Credentials

7.5 /10