CVE-2025-45813

9.8 CRITICAL

📋 TL;DR

ENENSYS IPGuard v2 2.10.0 contains hardcoded credentials that could allow attackers to gain unauthorized access to the system. This affects all deployments of IPGuard v2 version 2.10.0. Attackers could potentially take full control of affected systems.

💻 Affected Systems

Products:
  • ENENSYS IPGuard v2
Versions: 2.10.0
Operating Systems: Linux-based systems (specific distribution not specified)
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 2.10.0 are vulnerable regardless of configuration.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise allowing attackers to execute arbitrary code, steal sensitive data, and pivot to other network resources.

🟠 Likely Case

Unauthorized administrative access to IPGuard systems leading to configuration changes, service disruption, and potential data exfiltration.

🟢 If Mitigated

Limited impact if network segmentation and access controls prevent external access to management interfaces.

🌐 Internet-Facing: HIGH - If management interfaces are exposed to the internet, attackers can easily exploit hardcoded credentials.
🏢 Internal Only: HIGH - Even internally, any user with network access could exploit these credentials to gain administrative privileges.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Hardcoded credentials can be easily discovered and used without authentication. Public GitHub repository contains details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.enensys.com/

Restart Required: No

Instructions:

Check ENENSYS website for security updates. No official patch information available at this time.

🔧 Temporary Workarounds

Change Default Credentials

Manually change all default/hardcoded credentials in the system configuration.

# Use the IPGuard admin interface to change all passwords
# Check configuration files for hardcoded credentials

Network Segmentation

Restrict access to IPGuard management interfaces using firewall rules.

# Example iptables rules (replace the placeholders with your values).
# The ACCEPT rule must be inserted before the DROP rule, otherwise
# trusted hosts are blocked too.
iptables -A INPUT -p tcp --dport [IPGUARD_PORT] -s [TRUSTED_NETWORK] -j ACCEPT
iptables -A INPUT -p tcp --dport [IPGUARD_PORT] -j DROP

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach IPGuard management interfaces
  • Monitor authentication logs for unauthorized access attempts using default credentials

🔍 How to Verify

Check if Vulnerable:

Check if running IPGuard v2 version 2.10.0. Review configuration files for hardcoded credentials.

Check Version:

# Check IPGuard version through admin interface or configuration files

Verify Fix Applied:

Attempting to authenticate with the known hardcoded credentials should fail. Verify that all credentials have been changed.

📡 Detection & Monitoring

Log Indicators:

  • Failed authentication attempts followed by successful login
  • Multiple login attempts from unusual IP addresses
  • Administrative actions from unexpected sources

Network Indicators:

  • Unusual traffic patterns to IPGuard management ports
  • Authentication requests from unauthorized networks

SIEM Query:

source="ipguard" AND (event_type="authentication" AND result="success") | stats count by src_ip
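The log and SIEM indicators above can be checked offline against exported logs. The following is an added example, not code from the advisory or from ENENSYS: it parses a constructed, hypothetical log format (IPGuard's real log format is not described on this page), flags a success that follows failed attempts from the same source, counts authentication attempts and administrative actions from outside an assumed trusted management network, and reproduces the SIEM query's successful-login count per source IP. The line shape, event names and the 10.0.0.0/8 trusted range are all assumptions to adapt to your deployment.

```python
"""Detection logic for the log indicators listed above.

Added example, not code from the advisory or from ENENSYS. The log line
format, the event names and the trusted network are assumed for
illustration; adapt parse_line() to what your appliance actually emits.
"""
import ipaddress
import re
from collections import defaultdict

# Networks allowed to reach the management interface (assumed value).
TRUSTED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]

# Assumed line shape: "<timestamp> <src_ip> <event> <user> <result>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src_ip>\S+)\s+(?P<event>auth|admin)\s+"
    r"(?P<user>\S+)\s+(?P<result>success|failure)$"
)

# Constructed sample log (not real IPGuard output).
SAMPLE_LOG = """\
2025-06-01T10:00:01 10.1.2.3 auth admin success
2025-06-01T10:00:05 10.1.2.3 admin admin success
2025-06-01T10:05:10 203.0.113.7 auth admin failure
2025-06-01T10:05:12 203.0.113.7 auth admin failure
2025-06-01T10:05:15 203.0.113.7 auth admin success
2025-06-01T10:05:20 203.0.113.7 admin admin success
2025-06-01T10:06:00 198.51.100.9 auth operator failure
"""


def parse_line(line):
    """Parse one log line into a dict, or return None for unknown lines."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def is_trusted(ip):
    """True if the source address falls inside an allowed management network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_NETWORKS)


def analyse(log_text, min_failures=1):
    """Apply the log indicators and the SIEM query to log_text.

    Returns a dict with:
      fail_then_success    - (src_ip, user, failures) for each success that
                             followed >= min_failures failures from that IP
      auth_from_untrusted  - authentication attempts per IP outside
                             TRUSTED_NETWORKS (unusual IP addresses)
      admin_from_untrusted - (src_ip, user) for admin actions from such IPs
      success_by_ip        - successful logins per IP (the SIEM query above)
    """
    findings = {
        "fail_then_success": [],
        "auth_from_untrusted": defaultdict(int),
        "admin_from_untrusted": [],
        "success_by_ip": defaultdict(int),
    }
    consecutive_failures = defaultdict(int)  # src_ip -> failures since last success

    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ip, user = rec["src_ip"], rec["user"]
        if rec["event"] == "auth":
            if not is_trusted(ip):
                findings["auth_from_untrusted"][ip] += 1
            if rec["result"] == "failure":
                consecutive_failures[ip] += 1
            else:
                findings["success_by_ip"][ip] += 1
                if consecutive_failures[ip] >= min_failures:
                    findings["fail_then_success"].append(
                        (ip, user, consecutive_failures[ip]))
                consecutive_failures[ip] = 0
        elif rec["event"] == "admin" and not is_trusted(ip):
            findings["admin_from_untrusted"].append((ip, user))

    # Plain dicts so the result is easy to serialise or compare.
    findings["auth_from_untrusted"] = dict(findings["auth_from_untrusted"])
    findings["success_by_ip"] = dict(findings["success_by_ip"])
    return findings


if __name__ == "__main__":
    for name, value in analyse(SAMPLE_LOG).items():
        print(f"{name}: {value}")
```

Run against the constructed sample, the untrusted host 203.0.113.7 is reported under all three indicators (two failures followed by a success, an authentication count of 3, and an administrative action), while the trusted host 10.1.2.3 only appears in the per-IP success count, which is the view the SIEM query gives you.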
