{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25715", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2026-02-10T15:52:10.231Z", "datePublished": "2026-02-20T15:56:16.805Z", "dateUpdated": "2026-02-20T20:03:22.841Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "USR-W610", "vendor": "Jinan USR IOT Technology Limited (PUSR)", "versions": [{"lessThanOrEqual": "3.1.1.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Abhishek Pandey of Payatu Security Consulting reported this to CISA."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The web management interface of the device allows the administrator \nusername and password to be set to blank values. Once applied, the \ndevice permits authentication with empty credentials over the web \nmanagement interface and Telnet service. This effectively disables \nauthentication across all critical management channels, allowing any \nnetwork-adjacent attacker to gain full administrative control without \ncredentials."}], "value": "The web management interface of the device allows the administrator \nusername and password to be set to blank values. Once applied, the \ndevice permits authentication with empty credentials over the web \nmanagement interface and Telnet service. This effectively disables \nauthentication across all critical management channels, allowing any \nnetwork-adjacent attacker to gain full administrative control without \ncredentials."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-521", "description": "CWE-521", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2026-02-20T15:58:41.421Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-050-03"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-03.json"}], "source": {"advisory": "ICSA-26-050-03", "discovery": "EXTERNAL"}, "tags": ["unsupported-when-assigned"], "title": "Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Jinan USR IOT Technology Limited (PUSR) has stated that the product is \nend-of-life, and there are no plans to patch. Users of PUSR USR-W610 \ndevices are encouraged to <a target=\"_blank\" rel=\"nofollow\">contact PUSR</a> and keep their systems up to date.\n\n<br>"}], "value": "Jinan USR IOT Technology Limited (PUSR) has stated that the product is \nend-of-life, and there are no plans to patch. Users of PUSR USR-W610 \ndevices are encouraged to contact PUSR and keep their systems up to date."}], "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-20T20:02:26.714876Z", "id": "CVE-2026-25715", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T20:03:22.841Z"}}]}}

{}

{"cveTags": [{"sourceIdentifier": "ics-cert@hq.dhs.gov", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "The web management interface of the device allows the administrator \nusername and password to be set to blank values. Once applied, the \ndevice permits authentication with empty credentials over the web \nmanagement interface and Telnet service. This effectively disables \nauthentication across all critical management channels, allowing any \nnetwork-adjacent attacker to gain full administrative control without \ncredentials."}], "id": "CVE-2026-25715", "lastModified": "2026-02-20T18:57:15.973", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2026-02-20T17:25:53.293", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-03.json"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-050-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-521"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}

{}

{}