Vulnerability Database

318,389

Total vulnerabilities in the database

CVE-2025-29270

Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain access to the admin panel and complete control of the device.

Published: Oct 31, 2025
Updated: Nov 4, 2025
CVE: CVE-2025-29270
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 10
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-200
CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

No affected software listed.

https://blog.byteray.co.uk/shadow-entry-discovery-of-authentication-bypass-vulnerability-in-dse855-communications-device-938e35d4b361

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo