Primary

Context

EZCast Pro II Dongle Hard-Coded Cryptographic Keys Authorization Bypass Vulnerability

Vulnerability

A vulnerability exists in the Admin UI of EZCast Pro II version 1.17478.146 due to hard-coded cryptographic keys. This flaw allows attackers to bypass authorization checks and gain full access to the admin interface.

Impact

Exploitation of this vulnerability allows for unauthorized access to the admin UI, bypassing all authorization checks.

Remediation

Users are advised to disconnect the dongle from their local network and limit its use to Access Point functionality until a firmware patch is available. Additionally, change the default password.

Added: Dec 10, 2025, 9:20 AM

Updated: Dec 10, 2025, 9:20 AM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

7.0

remediation

0.0

relevance

1.4

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

7.0

remediation

0.0

relevance

1.4

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

EZCast Pro II Dongle Hard-Coded Cryptographic Keys Authorization Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

NimbleTech EZCast Pro II

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating