Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Access Vulnerability
Vulnerability
A hard-coded credentials vulnerability has been identified in Cypress Solutions' CTM-200 and CTM-ONE products, specifically in versions 1.3.6, 1.3.1, 1.1.9, 2.7.1.5659, and 2.0.5.3356-184. This vulnerability, present in the Linux distribution of these products, allows attackers to gain remote root access via Telnet or SSH by exploiting the static 'Chameleon' password.
Impact
Exploitation of this vulnerability leads to unauthorized remote root access on the affected devices via Telnet or SSH.
Reproduction
The vulnerability can be reproduced by attempting to log in as the root user (or admin) using the hard-coded 'Chameleon' password via Telnet or SSH. Once logged in, the root access can be used to execute arbitrary commands on the device.
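A detection sketch for the behaviour described above, added here as an example and not taken from the advisory or from Cypress Solutions: it flags successful password logins as root or admin over SSH or Telnet whose source lies outside a management network. The log formats (OpenSSH, Dropbear, BusyBox login), the management range and the sample lines are assumptions, since the page does not say what these devices log.

```python
import ipaddress
import re

# Assumption: management stations sit in this range (constructed value).
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]
WATCHED_USERS = {"root", "admin"}  # accounts named in the advisory

# Assumed log formats: OpenSSH, Dropbear and BusyBox login success lines.
PATTERNS = [
    ("ssh", re.compile(
        r"sshd\[\d+\]: Accepted password for (?P<user>\S+) from (?P<ip>\S+) port \d+")),
    ("ssh", re.compile(
        r"dropbear\[\d+\]: Password auth succeeded for '(?P<user>[^']+)' from (?P<ip>\S+):\d+")),
    ("telnet", re.compile(
        r"login\[\d+\]: (?P<user>root) login on '[^']+' from '(?P<ip>[^']+)'")),
]

# Constructed sample lines (documentation address ranges), not real device logs.
SAMPLE_LOG = [
    "Jan 12 03:14:07 ctm200 sshd[812]: Accepted password for root from 203.0.113.45 port 51122 ssh2",
    "Jan 12 03:15:40 ctm200 login[840]: root login on 'pts/0' from '198.51.100.7'",
    "Jan 12 08:01:12 ctm200 dropbear[901]: Password auth succeeded for 'admin' from 10.20.0.5:40022",
    "Jan 12 08:05:00 ctm200 sshd[915]: Failed password for root from 203.0.113.45 port 51190 ssh2",
]


def find_suspect_logins(lines, mgmt_nets=MGMT_NETS):
    """Return (service, user, source) for watched-account password logins
    whose source is not inside a management network."""
    hits = []
    for line in lines:
        for service, pattern in PATTERNS:
            m = pattern.search(line)
            if not m or m["user"] not in WATCHED_USERS:
                continue
            try:
                addr = ipaddress.ip_address(m["ip"])
                trusted = any(addr in net for net in mgmt_nets)
            except ValueError:
                trusted = False  # hostname or malformed source: do not trust it
            if not trusted:
                hits.append((service, m["user"], m["ip"]))
            break
    return hits


if __name__ == "__main__":
    for hit in find_suspect_logins(SAMPLE_LOG):
        print("ALERT service=%s user=%s source=%s" % hit)
```

Because the password is static, a hit from outside the management range cannot be told apart from a legitimate login by credentials alone; the source address is the only distinguishing signal this check uses.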
