CVE-2025-57432

Опубликовано: 22 сент. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Blackmagic Web Presenter version 3.3 exposes a Telnet service on port 9977 that accepts unauthenticated commands. This service allows remote attackers to manipulate stream settings, including changing video modes and possibly altering device functionality. No credentials or authentication mechanisms are required to interact with the Telnet interface.

Ссылки

https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-57432
Exploit
Third Party Advisory
https://www.blackmagicdesign.com/
Product
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-57432
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:blackmagicdesign:web_presenter_hd_firmware:3.3:*:*:*:*:*:*:*

cpe:2.3:h:blackmagicdesign:web_presenter_hd:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:blackmagicdesign:web_presenter_4k_firmware:3.3:*:*:*:*:*:*:*

cpe:2.3:h:blackmagicdesign:web_presenter_4k:-:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00569

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-306

Связанные уязвимости

GHSA-8c8w-8hrx-cvpq