CVE-2025-28371 is a medium-severity vulnerability affecting the EnGenius ENH500 Access Point (AP) 2T2R V3.0 firmware version 3.7.22. The vulnerability arises from incorrect access control in the device's password change function. Specifically, the device fails to validate the current password when processing a password change request. This flaw allows an unauthenticated attacker to submit a password change request with an invalid or arbitrary current password and successfully set a new password. The vulnerability is classified under CWE-284 (Improper Access Control). The CVSS 3.1 base score is 6.5, reflecting a network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), low confidentiality impact (C:L), no integrity impact (I:N), and low availability impact (A:L). The vulnerability enables an attacker to gain control over the device by resetting the password without authentication, potentially allowing further unauthorized configuration changes or network access. No known exploits are reported in the wild at the time of publication (May 19, 2025), and no patches or vendor advisories have been linked yet. The vulnerability affects a widely deployed wireless access point model used in enterprise and possibly industrial or public network environments, making it a significant risk if exploited.

For European organizations, this vulnerability poses a notable risk, especially for those deploying EnGenius ENH500 APs in their network infrastructure. Successful exploitation allows attackers to bypass authentication controls and change device passwords remotely over the network. This can lead to unauthorized administrative access, enabling attackers to alter network configurations, intercept or redirect traffic, or create persistent backdoors. The low confidentiality impact rating indicates limited direct data exposure, but the ability to control network infrastructure devices can indirectly compromise sensitive information and network integrity. Availability impact, although low, could manifest as service disruptions or denial of wireless connectivity if attackers misconfigure or disable the APs. Given the critical role of wireless access points in enterprise connectivity, this vulnerability could disrupt business operations, especially in sectors relying on wireless networks for critical communications. The lack of required privileges or user interaction lowers the barrier for exploitation, increasing the threat level. European organizations with remote or unmanaged deployments of affected APs are particularly vulnerable, as attackers can exploit the flaw without physical access or user involvement.

Immediate mitigation steps include isolating affected EnGenius ENH500 APs from untrusted networks until a firmware update or patch is available. Network administrators should implement strict network segmentation to restrict access to management interfaces of wireless APs, ideally limiting access to trusted internal networks or VPNs. Enabling network-level authentication mechanisms such as 802.1X can reduce unauthorized access risks. Monitoring network traffic for unusual password change requests or configuration changes on APs can help detect exploitation attempts. Organizations should contact EnGenius support for official patches or firmware updates addressing this vulnerability and apply them promptly once released. As a temporary workaround, disabling remote management interfaces or changing default management ports may reduce exposure. Additionally, enforcing strong network perimeter defenses, including firewalls and intrusion detection/prevention systems, can help block unauthorized access attempts targeting these devices. Regular audits of wireless infrastructure configurations and access logs are recommended to identify suspicious activities early.