CVE-2025-41702

egOS WebGUI Hard-Coded JWT Secret Enables Authentication Bypass

Description

The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key.

Category

9.8
CVSS
Severity: Critical
CVSS 3.1 •
EPSS 0.14%
Affected: Welotec EG400Mk2-D11001-000101
Affected: Welotec EG400Mk2-D11101-000101
Affected: Welotec EG503W
Affected: Welotec EG503L
Affected: Welotec EG503W_4GB
Affected: Welotec EG503L_4GB
Affected: Welotec EG503L-G
Affected: Welotec EG500Mk2-A11101-000101
Affected: Welotec EG500Mk2-A11001-000101
Affected: Welotec EG500Mk2-B11101-000101
Affected: Welotec EG500Mk2-B11001-000101
Affected: Welotec EG500Mk2-C11101-000101
Affected: Welotec EG500Mk2-C11001-000101
Affected: Welotec EG500Mk2-A12011-000101
Affected: Welotec EG500Mk2-A11001-000201
Affected: Welotec EG500Mk2-A21101-000101
Affected: Welotec EG602W
Affected: Welotec EG602L
Affected: Welotec EG603W Mk2
Affected: Welotec EG603L Mk2
Affected: Welotec EG802W
Affected: Welotec EG804W
Affected: Welotec EG802W_i7_512GB_DinRail
Affected: Welotec EG802W_i7_512GB_w/o DinRail
Affected: Welotec EG804W Pro
Published at:
Updated at:

References

Link Tags
https://certvde.com/de/advisories/VDE-2025-076

Frequently Asked Questions

What is the severity of CVE-2025-41702?
CVE-2025-41702 has been scored as a critical severity vulnerability.
How to fix CVE-2025-41702?
To fix CVE-2025-41702, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-41702 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-41702 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-41702?
CVE-2025-41702 affects Welotec EG400Mk2-D11001-000101, Welotec EG400Mk2-D11101-000101, Welotec EG503W, Welotec EG503L, Welotec EG503W_4GB, Welotec EG503L_4GB, Welotec EG503L-G, Welotec EG500Mk2-A11101-000101, Welotec EG500Mk2-A11001-000101, Welotec EG500Mk2-B11101-000101, Welotec EG500Mk2-B11001-000101, Welotec EG500Mk2-C11101-000101, Welotec EG500Mk2-C11001-000101, Welotec EG500Mk2-A12011-000101, Welotec EG500Mk2-A11001-000201, Welotec EG500Mk2-A21101-000101, Welotec EG602W, Welotec EG602L, Welotec EG603W Mk2, Welotec EG603L Mk2, Welotec EG802W, Welotec EG804W, Welotec EG802W_i7_512GB_DinRail, Welotec EG802W_i7_512GB_w/o DinRail, Welotec EG804W Pro.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.