CVE-2018-25155

Published: Dic 24, 2025 Last Modified: Gen 26, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,1

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: active

Confidentiality: N/A

Integrity: N/A

Availability: N/A

MEDIUM 4,3

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: required

Scope: unchanged

Confidentiality: none

Integrity: low

Availability: none

Description

AI Translation Available

Teradek Slice 7.3.15 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page that automatically submits password change requests to the device when a logged-in user visits the page.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0002

Percentile

0,0th

Updated

EPSS Score Trend (Last 82 Days)

352

Cross-Site Request Forgery (CSRF)

Stable

Abstraction: Compound Structure: Composite

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability Non-Repudiation Access Control

Potential Impacts:

Gain Privileges Or Assume Identity Bypass Protection Mechanism Read Application Data Modify Application Data Dos: Crash, Exit, Or Restart

Applicable Platforms

Technologies: Web Based, Web Server

Likelihood of Exploit: Medium

View CWE Details

Operating System

Slice Firmware by Teradek

Product Information

Vendor Teradek

Product Slice Firmware

Version 7.3.15

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:teradek:slice_firmware:7.3.15:build31735:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5467…

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5467.php

https://www.exploit-db.com/exploits/44676

https://www.teradek.com

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5467…

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5467.php

CVE-2018-25155

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 82 Days)

Cross-Site Request Forgery (CSRF)

Common Consequences

Applicable Platforms

Slice Firmware by Teradek

Product Information

Iscriviti alla newsletter