CVE-2025-13955

Summary

Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers

Affected Software

VendorProductVersion RangeStatus
EZCastEZCast Pro II0 < 1.17478.177affected

Weaknesses

  • CWE-330: CWE-330 Use of Insufficiently Random Values

Workarounds

Until a firmware patch is made available by the vendor, all users are advised to change the default password in the management UI.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References