Sign-up

ID

VAR-202506-2187


TITLE

There is a weak password vulnerability in the LAC WEB control center of Shanghai Huanchuang Communication Technology Co., Ltd.

Trust: 0.6

sources: CNVD: CNVD-2025-13164

DESCRIPTION

Shanghai Huanchuang Communication Technology Co., Ltd. is a high-tech enterprise focusing on the research and development of wireless communication products for private networks with wireless communication technology as its core, providing private network solutions for industries such as rail transit, fire emergency, intelligent manufacturing, coal mining, and campus. There is a weak password vulnerability in the LAC WEB control center of Shanghai Huanchuang Communication Technology Co., Ltd., and attackers can use the vulnerability to log in to the system and obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2025-13164

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-13164

AFFECTED PRODUCTS

vendor:huanchuang communicationmodel:lac web control centerscope:eqversion:v3.0.20211230

Trust: 0.6

sources: CNVD: CNVD-2025-13164

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2025-13164
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-13164
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2025-13164

EXTERNAL IDS

db:CNVDid:CNVD-2025-13164

Trust: 0.6

sources: CNVD: CNVD-2025-13164

SOURCES

db:CNVDid:CNVD-2025-13164

LAST UPDATE DATE

2025-06-27T23:05:12.665000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-13164date:2025-06-20T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-13164date:2025-06-17T00:00:00