Vulnerability Details CVE-2026-25085
A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in
which an unexpected return value from the authentication routine is
later on processed as a legitimate value, resulting in an authentication
bypass.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.1%
CVSS Severity
CVSS v3 Score 8.6
References
Products affected by CVE-2026-25085
-
cpe:2.3:h:copeland:xweb_300d_pro:-
-
cpe:2.3:h:copeland:xweb_500b_pro:-
-
cpe:2.3:h:copeland:xweb_500d_pro:-
-
cpe:2.3:o:copeland:xweb_300d_pro_firmware:*
-
cpe:2.3:o:copeland:xweb_500b_pro_firmware:*
-
cpe:2.3:o:copeland:xweb_500d_pro_firmware:*