CVE-2025-15575

🗓️ 12 Feb 2026 10:51:44Reported by SEC-VLabType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 9 Views

CVE-2025-15575: Firmware updates are unauthenticated due to missing cryptographic checks and secure boot.

Reporter	Title	Published	Views	Family All 7
ATTACKERKB	CVE-2025-15575	12 Feb 202610:51	–	attackerkb
CNNVD	SolaX Power Pocket 安全漏洞	12 Feb 202600:00	–	cnnvd
Cvelist	CVE-2025-15575 Missing Firmware Authenticity Checks in Solax Power Pocket WiFi models	12 Feb 202610:51	–	cvelist
NVD	CVE-2025-15575	12 Feb 202611:15	–	nvd
Positive Technologies	PT-2026-7837	12 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-15575	13 Feb 202613:22	–	redhatcve
Vulnrichment	CVE-2025-15575 Missing Firmware Authenticity Checks in Solax Power Pocket WiFi models	12 Feb 202610:51	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Pocket WiFi 3.0",
    "vendor": "SolaX Power",
    "versions": [
      {
        "status": "affected",
        "version": "<3.022.03"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Pocket WiFi+LAN",
    "vendor": "SolaX Power",
    "versions": [
      {
        "status": "affected",
        "version": "<1.009.02"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Pocket WiFi+4GM",
    "vendor": "SolaX Power",
    "versions": [
      {
        "status": "affected",
        "version": "<1.005.05"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Pocket WiFi+LAN 2.0",
    "vendor": "SolaX Power",
    "versions": [
      {
        "status": "affected",
        "version": "<006.06"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Pocket WiFi 4.0",
    "vendor": "SolaX Power",
    "versions": [
      {
        "status": "affected",
        "version": "<003.03"
      }
    ]
  }
]

Source	Link
r	www.r.sec-consult.com/solax

15 Apr 2026 00:35Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15.3

EPSS0.00022

SSVC

CWE-494