ShineLan-X FTP Credentials Exposure Vulnerability Allowing File Replacement

Vulnerability

A vulnerability in ShineLan-X firmware was identified, where a set of FTP server credentials was embedded within the firmware. This exposure allows for an insecure FTP connection to be established with the server. Testers could potentially exploit this by replacing legitimate files being sent to devices with malicious versions, as the firmware does not enforce signature verification.

Impact

Exploitation of this vulnerability could lead to unauthorized file replacement on devices, allowing for the deployment of malicious software or files.

Added: Dec 13, 2025, 4:37 PM

Updated: Dec 13, 2025, 4:37 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

1.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

1.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ShineLan-X FTP Credentials Exposure Vulnerability Allowing File Replacement

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating