Critical Vulnerability Information Vulnerability Overview Vulnerability Type: Insecure Default Password Affected Product: Cudy WR1200EA Router Affected Version: 2.3.7 Attack Type: Remote Attack Vector: Unauthorized login via Web interface or other network-accessible services using default root user password Vulnerability Details Impact: - Privilege Escalation - Information Disclosure - Potential Code Execution Affected Component: file, root user authentication mechanism CVE ID: CVE-2025-9589 Discoverer: n0ps1edz (n0ps1edzz@gmail.com) Firmware Link: Cudy Official Download Page Discovery Process Analyzed firmware Extracted file and cracked the MD5 password hash using John the Ripper, revealing the default password as "admin" Reproduction Steps 1. Extract firmware image 2. Locate file in the extracted squashfs root directory 3. Use password cracking tool (e.g., John the Ripper) to crack the MD5 password hash for the root user 4. Attempt to log in to the router’s Web interface or other services using credentials Impact Attackers can gain full administrative control via default root credentials Access to sensitive configuration data, potentially exposing network details Modification of router settings or execution of arbitrary code, leading to further network compromise