CVE-2025-63208

7.5 HIGH

📋 TL;DR

This vulnerability in bridgetech VB288 Objective QoE Content Extractor firmware version 5.6.0-8 allows unauthenticated attackers to retrieve administrator passwords via the /probe/core/setup/passwd endpoint. It affects organizations running this firmware version for content extraction and quality monitoring. Because the disclosed passwords belong to administrator accounts, this information disclosure can lead directly to complete compromise of the device.

💻 Affected Systems

Products:
  • bridgetech VB288 Objective QoE Content Extractor
Versions: 5.6.0-8
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: The advisory names only firmware 5.6.0-8; whether earlier or later versions are affected has not been confirmed either way, so treat other versions as untested rather than safe.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain administrative credentials, leading to full system takeover, data exfiltration, and potential lateral movement within the network.

🟠

Likely Case

Attackers obtain administrator passwords and gain unauthorized access to the device, potentially modifying configurations or extracting sensitive content data.

🟢

If Mitigated

With network segmentation and access controls that restrict who can reach the device's web interface, exposure is limited to attackers already on the management network. Any passwords retrieved before the controls were in place remain compromised until they are changed, on the device and anywhere the same passwords were reused.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A single HTTP GET request to the vulnerable endpoint returns the password information; no session, credentials or special headers are required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://bridgetech.tv/

Restart Required: No

Instructions:

Check bridgetech.tv for security advisories and firmware updates. If available, download and apply the latest firmware version following vendor instructions.

🔧 Temporary Workarounds

Block Vulnerable Endpoint

linux

Until the vendor ships fixed firmware, block the path on a network firewall or web application firewall in front of the device. The rule below is for a Linux gateway that forwards traffic to the VB288 (hence the FORWARD chain), not for the appliance itself; substitute the device's address for [device-ip]:

iptables -I FORWARD -d [device-ip] -p tcp --dport 80 -m string --string "/probe/core/setup/passwd" --algo bm -j DROP

Caveats: the string match inspects one packet at a time on port 80 only, so it misses the request if the device also serves its UI over TLS on 443, if the path is URL-encoded (for example %70asswd) or written with ../ segments, or if the path is split across TCP segments. Treat it as a stopgap and pair it with the segmentation below.

Network Segmentation

all

Isolate VB288 devices from untrusted networks and limit access to authorized management systems only

🧯 If You Can't Patch

  • Block or restrict the endpoint first, then change every administrator password: rotating passwords while the endpoint is still reachable simply hands the attacker the new ones. Change the password anywhere the same one was reused, and monitor for unauthorized logins.
  • Implement strict network access controls so that only designated management hosts can reach the device's web interface.

🔍 How to Verify

Check if Vulnerable:

From a host that has never logged in to the device (no session cookie, no credentials), send an HTTP GET to http://[device-ip]/probe/core/setup/passwd (or https:// if the device's web UI uses TLS). A 200 response containing password information means the device is vulnerable; a 401, 403 or redirect to the login page means the endpoint is gated. Do not store or forward the response body: it contains live credentials.

Check Version:

Check device web interface or use vendor-specific CLI commands to display firmware version

Verify Fix Applied:

After applying workarounds or updates, verify the endpoint no longer returns password information without proper authentication
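
The check described above, as an added example (not vendor code). It sends one unauthenticated GET and classifies the answer without ever printing or storing the response body, since on a vulnerable device that body contains passwords. Assumptions: the UI is served over plain HTTP on port 80 unless an https:// base URL is given, and the endpoint path is exactly /probe/core/setup/passwd as stated in this advisory. Redirects are deliberately not followed, so a bounce to a login page is reported as "blocked" rather than as the login page's 200.

```python
"""Unauthenticated check for CVE-2025-63208 on a bridgetech VB288.

Added example; not vendor code.  Assumptions: the device serves its web UI
over HTTP on port 80 (pass an https:// base URL if it does not), and the
endpoint path is exactly /probe/core/setup/passwd as stated in the advisory.
"""
import sys
import urllib.error
import urllib.request

ENDPOINT = "/probe/core/setup/passwd"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Refuse redirects so a bounce to /login surfaces as an HTTPError (3xx)."""

    def redirect_request(self, *args, **kwargs):
        return None


_OPENER = urllib.request.build_opener(_NoRedirect)


def _header(headers, name):
    """Case-insensitive header lookup."""
    return next((v for k, v in headers.items() if k.lower() == name.lower()), "")


def classify(status, headers, body):
    """Classify the response to an unauthenticated GET of ENDPOINT.

    "leak"    - 200 with a non-empty, non-HTML body: data served without auth
    "review"  - 200 but the body is an HTML page (often a login form); inspect it
    "blocked" - 401/403/404 or a redirect (typically to a login page)
    "unknown" - anything else (5xx, empty 200, ...)
    """
    if status in (401, 403, 404) or 300 <= status < 400:
        return "blocked"
    if status == 200:
        if not body.strip():
            return "unknown"
        ctype = _header(headers, "Content-Type").lower()
        if "text/html" in ctype or "<html" in body[:512].lower():
            return "review"
        return "leak"
    return "unknown"


def fetch(base_url, timeout=5.0):
    """Send one GET with no cookies or credentials; return (status, headers, body)."""
    req = urllib.request.Request(
        base_url.rstrip("/") + ENDPOINT,
        headers={"User-Agent": "cve-2025-63208-check"},
    )
    try:
        with _OPENER.open(req, timeout=timeout) as resp:
            return resp.status, dict(resp.headers), resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, dict(err.headers), err.read().decode("utf-8", "replace")


def check_device(base_url):
    """Return (verdict, status, body_length).  The body itself is never
    returned or printed: on a vulnerable device it contains passwords."""
    status, headers, body = fetch(base_url)
    return classify(status, headers, body), status, len(body)


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "http://[device-ip]"
    verdict, status, size = check_device(target)
    print(f"{target}{ENDPOINT}: HTTP {status}, {size} bytes -> {verdict}")
```

Run it as `python3 check.py http://[device-ip]` before and after applying a workaround or update; "leak" means the endpoint still answers without authentication, "blocked" means it is gated, and "review" means the device returned an HTML page (usually a login form) that should be inspected by hand.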

📡 Detection & Monitoring

Log Indicators:

  • HTTP GET requests to /probe/core/setup/passwd, especially those answered with 200 (the request needs no authentication, so there is no preceding login to correlate with)
  • Administrator logins from new or unexpected source addresses shortly after such a request (the retrieved password is used directly, so no failed attempts need precede the successful login)

Network Indicators:

  • Any HTTP request to the vulnerable endpoint from a source that is not a known management host
  • External IP addresses reaching the management interface at all (the device should not be internet-facing)

SIEM Query:

source="web_logs" AND uri="/probe/core/setup/passwd*" AND response_status=200

Field names (source, uri, response_status) depend on how the device's web logs are ingested; adjust them to your schema. The trailing wildcard also catches query strings appended to the path. URL-encoded or ../-obfuscated forms of the path will not match an exact string, so either normalize the uri field at ingest or also search for the decoded form.
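
The log-indicator and SIEM logic above, run over constructed sample lines as an added example (not from the advisory or vendor). It goes beyond the exact-match query by normalizing each request target (query string stripped, percent-decoding applied twice, ../ segments collapsed, case folded) before comparing it with the vulnerable path, so encoded and traversal variants are caught too. Assumptions: Combined Log Format lines as written by nginx or Apache-style front ends; the SAMPLE_LOG entries, addresses and timestamps are constructed for illustration.

```python
"""Scan web access logs for requests to the CVE-2025-63208 endpoint, including
URL-encoded and path-traversal variants that an exact-match SIEM query misses.

Added example, not from the advisory.  Assumes Combined Log Format lines
(nginx/Apache style); SAMPLE_LOG below is constructed for illustration.
"""
import posixpath
import re
from urllib.parse import unquote, urlsplit

TARGET = "/probe/core/setup/passwd"

# ip ident user [timestamp] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample: two served probes (one percent-encoded), one traversal
# variant that was refused, and one unrelated request.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Nov/2025:08:15:02 +0000] "GET /probe/core/setup/passwd HTTP/1.1" 200 612 "-" "curl/8.4.0"
203.0.113.7 - - [10/Nov/2025:08:15:09 +0000] "GET /probe/core/setup/%70asswd HTTP/1.1" 200 612 "-" "curl/8.4.0"
198.51.100.22 - - [10/Nov/2025:09:02:44 +0000] "GET /probe/core/../core/setup/passwd?x=1 HTTP/1.1" 403 153 "-" "python-requests/2.32"
192.0.2.10 - - [10/Nov/2025:09:03:01 +0000] "GET /probe/core/status HTTP/1.1" 200 80 "-" "Mozilla/5.0"
"""


def normalize_path(request_target):
    """Canonicalise a request target: drop the query string, percent-decode
    twice (to defeat double encoding), collapse ../ segments, lower-case."""
    path = urlsplit(request_target).path
    path = unquote(unquote(path))
    return posixpath.normpath(path).lower()


def parse_line(line):
    """Parse one access-log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["status"] = int(ev["status"])
    return ev


def scan(log_text):
    """Return one finding per request whose normalised path equals TARGET.

    'served' is True when the device answered 200, i.e. the password data was
    most likely disclosed; a 401/403 still records the probe attempt.
    """
    findings = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev and normalize_path(ev["target"]) == TARGET:
            findings.append({
                "ip": ev["ip"],
                "ts": ev["ts"],
                "raw_target": ev["target"],
                "status": ev["status"],
                "served": ev["status"] == 200,
            })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        flag = "DISCLOSED" if f["served"] else "attempt"
        print(f'{f["ts"]} {f["ip"]} {f["raw_target"]} -> {f["status"]} {flag}')
```

Every "DISCLOSED" hit should be treated as a credential compromise for that device (rotate passwords after the endpoint is blocked); "attempt" hits still identify sources that know about the endpoint and are worth blocking.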
