CVE-2018-25130 Beward Intercom 2.3.1 Local Credentials Disclosure via Unencrypted Database

🗓️ 24 Dec 2025 19:27:43Reported by VulnCheckType

Beward Intercom 2.3.1 exposes plain-text credentials from an unencrypted database to local attackers.

Reporter	Title	Published	Views	Family All 7
CNNVD	Beward Intercom 安全漏洞	24 Dec 202500:00	–	cnnvd
CVE	CVE-2018-25130	24 Dec 202519:27	–	cve
EUVD	EUVD-2025-205354	24 Dec 202521:30	–	euvd
NVD	CVE-2018-25130	24 Dec 202520:15	–	nvd
Positive Technologies	PT-2025-53351	24 Dec 202500:00	–	ptsecurity
Vulnrichment	CVE-2018-25130 Beward Intercom 2.3.1 Local Credentials Disclosure via Unencrypted Database	24 Dec 202519:27	–	vulnrichment
Zero Science Lab	BEWARD Intercom 2.3.1 Credentials Disclosure	27 Jan 201900:00	–	zeroscience

[
  {
    "vendor": "Beward R&D Co., Ltd",
    "product": "BEWARD Intercom",
    "versions": [
      {
        "version": "2.3.1.34471",
        "status": "affected"
      },
      {
        "version": "2.3.0",
        "status": "affected"
      },
      {
        "version": "2.2.11",
        "status": "affected"
      },
      {
        "version": "2.2.10.5",
        "status": "affected"
      },
      {
        "version": "2.2.9",
        "status": "affected"
      },
      {
        "version": "2.2.8.9",
        "status": "affected"
      },
      {
        "version": "2.2.7.4",
        "status": "affected"
      }
    ]
  }
]

Source	Link
zeroscience	www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5505.php
exploit-db	www.exploit-db.com/exploits/46267
beward	www.beward.net/

24 Dec 2025 19:27Current

CVSS 3.16.2

CVSS 46.8

EPSS0.00019

CWE-256