CVE-2025-34516

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-34516

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-34516.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-34516

Withdrawn

2026-05-04T08:49:29.091203Z

Published

2025-10-16T18:15:36.067Z

Modified

2026-05-04T08:49:29.091203Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a use of default credentials vulnerability that allows an unauthenticated attacker to obtain remote access. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.7.18.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-34516.json"