CVE-2025-1496

Description

Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse. This issue affects Coslat Hotspot: before 6.26.0.R.20250227.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Affected products

BG-TEK / Coslat Hotspot0 – 6.26.0.r.20250227

References

MISChttps://www.coslat.com/tr/blog/28-02-2025-guncelleme
MISChttps://www.usom.gov.tr/bildirim/tr-25-0075
MISChttps://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0075