Vulnerability in Wattsense Bridge

CVE-2025-26410

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered credentials can be used to log into the device via…

EPSS: 0.003 (56.9th percentile) — read the EPSS interpretation.

Affected products

Wattsense Bridge — versions 0

Weakness classification (CWE)

CWE-798 — Use of Hard-coded Credentials

References

r.sec-consult.com/wattsense (third-party-advisory)
support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes (release-notes)