{"uuid": "852cd3ef-a6a8-40e6-90f4-c88e3b060800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2189", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7137", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2189\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N)\n\ud83d\udd39 Description: This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the plaintext credentials stored on the vulnerable device.\n\ud83d\udccf Published: 2025-03-11T11:40:20.173Z\n\ud83d\udccf Modified: 2025-03-11T13:15:46.249Z\n\ud83d\udd17 References:\n1. https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0043", "creation_timestamp": "2025-03-11T13:39:53.000000Z"}