Threats Tagged 'cve-2026-25818'
View all threats tagged with 'cve-2026-25818'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-25818'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-25818: n/aCVE-2026-25818 0 CVE-2026-25818 affects HMS Networks Ewon Flexy and Cosy+ devices with certain firmware versions, where weak entropy in authentication cookies enables attackers possessing a stolen session cookie to brute-force encryption parameters and recover user passwords. This vulnerability does not require user interaction or privileges and can be exploited remotely over the network. The flaw impacts confidentiality and integrity but not availability. It has a critical CVSS score of 9.1 due to ease of exploitation and high impact. No known exploits are currently in the wild, but the vulnerability poses a significant risk to industrial and remote access systems relying on these devices. Organizations using affected firmware versions should prioritize patching once updates are available and implement compensating controls to protect session cookies. Countries with significant industrial automation and remote monitoring deployments of HMS Networks products are most at risk. Join the discussion | CVE Database V5 | 03/12/2026, 00:00:00 UTC Added: 03/12/2026, 21:44:47 UTC |
Showing 1 to 1 of 1 result