CVE-2025-48463
low-risk
Published 2025-06-24
Successful exploitation of the vulnerability could allow an attacker to intercept data and conduct session hijacking on the exposed data as the vulnerable product uses unencrypted HTTP communication, potentially leading to unauthorised access or data tampering.
Do I need to act?
-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.1/10
Low
ADJACENT_NETWORK
/ HIGH complexity
Affected Products (3)
Wise-4060Lan Firmware
Wise-4050Lan Firmware
Wise-4010Lan Firmware
Affected Vendors
References (1)
Third Party Advisory
https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061
17
/ 100
low-risk
Severity
8/34 · Low
Exploitability
0/34 · Minimal
Exposure
9/34 · Low