CVE-2025-67158
Published: 02 January 2026
Summary
CVE-2025-67158 is a high-severity Improper Authentication (CWE-287) vulnerability in Revotech I6032W-Fhw Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 24.1st percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Threat & Defense Details
Likely Mitigating Controls (AI-generated)
Per-CVE control mapping for this CVE has not yet been run; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Detects unauthorized successful logons resulting from improper authentication implementations.
- Documented procedures ensure personnel are trained on authentication mechanisms, tangibly lowering the risk of improper authentication being exploited.
- Security awareness training instructs users on secure authentication practices and avoiding credential compromise.
- Training on authentication mechanisms and best practices decreases the occurrence of improper authentication.
- Non-repudiation requires strong authentication mechanisms to irrefutably attribute performed actions to specific individuals or processes.
- Session content review can reveal authentication bypasses or failures in session establishment.
- Review of authentication-related audit records can detect improper authentication mechanisms or bypasses.
- Assessments check authentication mechanisms for correct implementation and effectiveness, reducing successful authentication bypass attempts.
MITRE ATT&CK Enterprise Techniques (AI-generated)
Why these techniques?
Auth bypass in public-facing CGI endpoint directly enables remote exploitation for initial access (T1190) and subsequent privilege escalation (T1068).
NVD Description
An authentication bypass in the /cgi-bin/jvsweb.cgi endpoint of Revotech I6032W-FHW v1.0.0014 - 20210517 allows attackers to access sensitive information and escalate privileges via a crafted HTTP request.
Deeper analysis (AI-generated)
CVE-2025-67158, published on 2026-01-02, is an authentication bypass vulnerability (CWE-287) affecting the /cgi-bin/jvsweb.cgi endpoint in Revotech I6032W-FHW devices running versions v1.0.0014 through 20210517. Rated with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), the flaw enables attackers to access sensitive information and escalate privileges by sending a crafted HTTP request.
Unauthenticated attackers with network access to the device can exploit this vulnerability remotely with low attack complexity and no user interaction required. Exploitation results in high-impact confidentiality loss, allowing unauthorized access to sensitive data and subsequent privilege escalation on the targeted system.
Mitigation guidance and additional details are available in the vendor resources at http://revotech.com and the GitHub repository https://github.com/Remenis/CVE-2025-67158.
Details
- CWE(s)