CVE-2019-25291
INIM Electronics Smartliving SmartLAN/G/SI <=6.x Hard-coded Credentials Vulnerability
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. Attackers can exploit these persistent credentials to log in and gain unauthorized system access across multiple SmartLiving device models.
| CWE | CWE-798 |
| Vendor | inim electronics s.r.l. |
| Product | smartliving smartlan/g/si |
| Published | Jan 7, 2026 |
| Last Updated | Mar 23, 2026 |
Stay Ahead of the Next One
Get instant alerts for inim electronics s.r.l. smartliving smartlan/g/si
Be the first to know when new high vulnerabilities affecting inim electronics s.r.l. smartliving smartlan/g/si are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected Versions
INIM Electronics s.r.l. / Smartliving SmartLAN/G/SI
<=6.0 505 515 1050 1050/G3 10100L 10100L/G3
References
zeroscience.mk: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5546.php exploit-db.com: https://www.exploit-db.com/exploits/47763 packetstormsecurity.com: https://packetstormsecurity.com/files/155618 exchange.xforce.ibmcloud.com: https://exchange.xforce.ibmcloud.com/vulnerabilities/172838 inim.biz: https://www.inim.biz/
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab