ByteOS Network

NVD Vulnerability Details :

CVE-2018-25130

Awaiting Analysis

Source-disclosure@vulncheck.com

Published At-24 Dec, 2025 | 20:15

Updated At-29 Dec, 2025 | 15:58

Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized access to IP cameras and door stations.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	6.8	MEDIUM	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	6.2	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Type: Secondary

Version: 4.0

Base score: 6.8

Base severity: MEDIUM

Vector:

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.1

Base score: 6.2

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Weaknesses

CWE ID	Type	Source
CWE-256	Secondary	disclosure@vulncheck.com

CWE ID: CWE-256

Type: Secondary

Source: disclosure@vulncheck.com

References

Hyperlink	Source	Resource
https://www.beward.net	disclosure@vulncheck.com	N/A
https://www.exploit-db.com/exploits/46267	disclosure@vulncheck.com	N/A
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5505.php	disclosure@vulncheck.com	N/A
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5505.php	134c704f-9b21-4f2e-91b3-4a467353bcc0	N/A