Description
NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint (for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax parameter validation can be shortened to /cgi-bin/login.cgi?username=eurek%20eurek) to obtain administrator privileges, allowing them to alter device configuration, enable the telnet/SSH services, and reset local user credentials.
Published: 2026-06-05
Score: 9.3 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A hard‑coded backdoor account with the username and password 'eurek' allows an unauthenticated attacker to authenticate through the NetMan 204 CGI login endpoint, giving full administrative control over the device. The attacker can then modify configuration files, enable telnet/SSH services, and reset local user credentials, effectively taking over the device with minimal effort.

Affected Systems

All installations of Riello UPS NetMan 204 firmware are vulnerable. No specific sub‑versions are listed, so all released versions of NetMan 204 are affected.

Risk and Exploitability

The CVSS score of 9.3 indicates a critical level of risk. The EPSS score is not provided, and the vulnerability is not yet listed in the CISA KEV catalog, but its nature (remote unauthenticated access via a predictable CGI endpoint) means it can be exploited as soon as the device is reachable over the network. The lack of input validation on the login script allows attackers to gain administrative access with a single HTTP request.
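As an added detection example (not part of this record, and not Riello's or OpenCVE's code): a scanner over constructed web-server access log lines that flags requests to /cgi-bin/login.cgi presenting the 'eurek' account, including the shortened username=eurek%20eurek form the description mentions. The combined-format log layout and the sample lines are assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Account name from the advisory; any login attempt with it is suspicious.
BACKDOOR_USER = "eurek"

# Combined-format access log: client, user, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)

def is_backdoor_login(request_path):
    """True if the request hits login.cgi with the backdoor account.

    Covers both forms from the advisory: username=eurek&password=eurek and
    the shortened username=eurek%20eurek that lax parameter parsing accepts
    (parse_qs decodes %20 and '+' to a space, so we split on whitespace).
    """
    url = urlsplit(request_path)
    if not url.path.endswith("/cgi-bin/login.cgi"):
        return False
    params = parse_qs(url.query, keep_blank_values=True)
    for value in params.get("username", []):
        tokens = value.lower().split()
        if tokens and tokens[0] == BACKDOOR_USER:
            return True
    return False

def scan_access_log(lines):
    """Return (ip, timestamp, status, path) per backdoor login attempt; a 200
    status is a likely successful login, anything else still shows probing."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_backdoor_login(m.group("path")):
            hits.append((m.group("ip"), m.group("ts"),
                         int(m.group("status")), m.group("path")))
    return hits

# Constructed sample log lines (not real traffic); two hits from 10.0.0.5.
SAMPLE_LOG = [
    '10.0.0.5 - - [05/Jun/2026:18:20:01 +0000] "GET /cgi-bin/login.cgi?username=eurek&password=eurek HTTP/1.1" 200 512',
    '10.0.0.5 - - [05/Jun/2026:18:20:03 +0000] "GET /cgi-bin/login.cgi?username=eurek%20eurek HTTP/1.1" 200 512',
    '10.0.0.9 - - [05/Jun/2026:18:21:10 +0000] "GET /cgi-bin/login.cgi?username=admin&password=secret HTTP/1.1" 200 512',
    '10.0.0.9 - - [05/Jun/2026:18:21:12 +0000] "GET /cgi-bin/status.cgi HTTP/1.1" 200 2048',
]
```

Calling scan_access_log(SAMPLE_LOG) returns the two 10.0.0.5 entries; feed it real access logs from the device's reverse proxy or from a network sensor to find attempts against unpatched units.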

Generated by OpenCVE AI on June 5, 2026 at 19:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update or patch released by Riello that removes the hard‑coded backdoor credentials (CWE‑798).
  • Restrict or block external access to the /cgi-bin/login.cgi endpoint, such as via firewall rules or network segmentation, to mitigate exploitation of the hard‑coded account (CWE‑798).
  • Reconfigure the device to use strong, non‑hardcoded administrative credentials and enable secure authentication methods such as SSH key‑based login, addressing the hard‑coded credential weakness (CWE‑798).


Advisories

No advisories yet.

History

Fri, 05 Jun 2026 18:15:00 +0000

Type: Description
  Values removed: (none)
  Values added: the Description text shown at the top of this page

Type: Title
  Values added: NetMan 204 Hard-coded Backdoor Credentials

Type: First time appeared
  Values added: Riello-ups; Riello-ups netman 204; Riello-ups netman 204 Firmware

Type: Weaknesses
  Values added: CWE-798

Type: CPEs
  Values added:
    cpe:2.3:h:riello-ups:netman_204:-:*:*:*:*:*:*:*
    cpe:2.3:o:riello-ups:netman_204_firmware:-:*:*:*:*:*:*:*

Type: Vendors & Products
  Values added: Riello-ups; Riello-ups netman 204; Riello-ups netman 204 Firmware

Type: References
  Values added: (none)

Type: Metrics
  Values added:
    cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
    cvssV4_0: {'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-05T19:35:30.991Z

Reserved: 2026-06-05T16:56:46.183Z

Link: CVE-2025-71317

Vulnrichment

No data.

NVD

Status: Deferred

Published: 2026-06-05T18:16:54.737

Modified: 2026-06-05T19:02:13.790

Link: CVE-2025-71317

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-05T20:00:04Z

Weaknesses