Vulnerability Database

300,214

Total vulnerabilities in the database

CVE-2025-5095

Burk Technology ARC Solo's password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the device. A password change request can be sent directly to the device's HTTP endpoint without providing valid credentials. The system does not enforce proper authentication or session validation, allowing the password change to proceed without verifying the request's legitimacy.

Published: Aug 8, 2025
Updated: Aug 9, 2025
CVE: CVE-2025-5095
Exploit:

No technical information available.

CWEs:

CWE-306

Affected Software
References

No affected software listed.

https://www.burk.com/products/Broadcast/ARC-Solo-6
https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-03

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo