CVE-2025-48413 – Apache Device Hard-Coded Root Password Backdoor

May 21, 2025

CVE ID : CVE-2025-48413

Published : May 21, 2025, 12:16 p.m. | 2 hours, 34 minutes ago

Description : The `/etc/passwd` and `/etc/shadow` files reveal hard-coded password hashes for the operating system “root” user. The credentials are shipped with the update files. There is no option for deleting or changing their passwords for an enduser. An attacker can use the credentials to log into the device. Authentication can be performed via SSH backdoor or likely via physical access (UART shell).

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48414 – Apache Web Interface Unauthenticated Script Execution Vulnerability

Next Article CVE-2025-3781 – WordPress Raisely Donation Form Stored Cross-Site Scripting Vulnerability

Last week in AI dev tools: Cloudflare blocking AI crawlers by default, Perplexity Max subscription, and more (July 7, 2025)

Infragistics Launches Ultimate 25.1 With Major Updates to App Builder, Ignite UI

Design Guidelines For Better Notifications UX

10 Top React.js Development Service Providers For Your Next Project In 2026

Bookworms: Don’t skip this Kindle Paperwhite Essentials bundle that’s on sale

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

I’ve been using this Alienware 240Hz gaming monitor for 2 years — less than $1 a day if I’d bought it with this Prime Day discount

Final Fantasy IX Remake possibly cancelled according to latest rumors — Which may be the saddest way to celebrate this legendary game’s 25th anniversary

Token Limit – Monitor token usage in AI context files

Token Limit – Monitor token usage in AI context files

Perficient Named a 2025 Best Place to Work in Orange County!

Perficient Recognized by Leading Analyst Firm for Automotive and Mobility Expertise

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

I’ve been using this Alienware 240Hz gaming monitor for 2 years — less than $1 a day if I’d bought it with this Prime Day discount

Final Fantasy IX Remake possibly cancelled according to latest rumors — Which may be the saddest way to celebrate this legendary game’s 25th anniversary

CVE-2025-48413 – Apache Device Hard-Coded Root Password Backdoor

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

CVE-2025-47957 – Microsoft Office Word Use-After-Free Remote Code Execution Vulnerability

CVE-2025-5569 – IdeaCMS SQL Injection Vulnerability

The Elder Scrolls 4: Oblivion Remastered buying guide — Which version of the game is right for you?

CVE-2025-53483 – Mediawiki SecurePoll CSRF

CVE-2025-30415 – Acronis Cyber Protect Cloud Agent Denial of Service Vulnerability

April 2025 Baseline monthly digest

CVE-2025-5162 – H3C SecCenter SMP-E1114P02 Remote File Upload Vulnerability

CVE-2025-46420 – Libsoup Memory Leak Vulnerability

CVE-2025-48413 – Apache Device Hard-Coded Root Password Backdoor

Related Posts