CVE-2025-26793 Scanner
CVE-2025-26793 Scanner - Default Credentials vulnerability in FREEDOM Administration
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 13 days 2 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -
FREEDOM Administration is a web-based graphical user interface (GUI) configuration panel for Hirsch Enterphone MESH systems. These systems are used primarily in apartment buildings across Canada and the U.S. to manage entry systems. Property administrators use this software to control and monitor access to buildings, providing convenient and centralized management for building security. The interface allows administrators to set up system parameters, view logs, and manage user access in real time. Despite its capabilities, the software's reliance on default credentials creates significant security risks if not properly managed. As such, it is critical for system administrators to follow recommended practices to ensure the security of the system.
The default credential vulnerability in FREEDOM Administration poses serious security risks. The default login credentials (username: freedom, password: viscount) are not required to be changed during initial setup, so installations routinely remain exposed with them. Because these credentials are publicly known, attackers can use them to gain access to sensitive information and control over the system, including the ability to manage access to multiple buildings. Changing the default credentials should be treated as a priority to safeguard against unauthorized access.
Technically, the vulnerability is due to hard-coded default credentials within FREEDOM Administration. The vulnerable endpoint is the mesh.webadmin.MESHAdminServlet, where users log in; the default credentials are accepted there. The vulnerability affects the login process itself: an attacker authenticates by submitting a POST request containing these credentials and, if successful, gains administrator-level access to the system, with the ability to manage the administration panel and access its data. The flaw is exacerbated by the absence of any mechanism prompting administrators to change the defaults, so the change must be carried out manually.
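As an added example (not code from the scanner vendor or from the FREEDOM Administration product), the following Python self-check lets an asset owner confirm, with a single request against their own panel, that the documented default credentials no longer authenticate, which is the remediation the text above calls for. Only the credentials and the servlet name come from the advisory; the URL path built from the servlet name, the form field names `username` and `password`, and the heuristics used to decide whether a login was accepted are assumptions that must be aligned with the real login page before the check is trusted. The simulated panel at the bottom is constructed so the logic runs offline.

```python
"""Self-check for CVE-2025-26793: does a FREEDOM Administration panel still
accept the documented default credentials (freedom / viscount)?

Added example, not vendor code.  Facts from the advisory: the default
credentials and the servlet name.  Everything else is an assumption and is
marked as such.
"""
from __future__ import annotations

import sys
import urllib.error
import urllib.parse
import urllib.request
from dataclasses import dataclass
from typing import Callable

DEFAULT_USERNAME = "freedom"                      # documented default (advisory)
DEFAULT_PASSWORD = "viscount"                     # documented default (advisory)
LOGIN_SERVLET = "mesh.webadmin.MESHAdminServlet"  # endpoint named in the advisory

# ASSUMPTION: placeholder form field names; copy the real ones from the login page.
USER_FIELD = "username"
PASS_FIELD = "password"


@dataclass
class HttpResponse:
    status: int
    body: str
    location: str = ""   # Location header, if the server redirected


Transport = Callable[[str, bytes], HttpResponse]


def urllib_transport(url: str, form: bytes) -> HttpResponse:
    """One POST, no redirects followed, 10 s timeout, no retries."""
    class NoRedirect(urllib.request.HTTPRedirectHandler):
        def redirect_request(self, *args, **kwargs):
            return None  # make urllib surface 3xx as HTTPError instead of following it

    opener = urllib.request.build_opener(NoRedirect)
    req = urllib.request.Request(url, data=form, method="POST")
    try:
        with opener.open(req, timeout=10) as resp:
            return HttpResponse(resp.status, resp.read(4096).decode("utf-8", "replace"),
                                resp.headers.get("Location", ""))
    except urllib.error.HTTPError as e:
        return HttpResponse(e.code, e.read(4096).decode("utf-8", "replace"),
                            e.headers.get("Location", ""))


def classify(resp: HttpResponse) -> str:
    """Map a login response to 'accepted', 'rejected' or 'unknown'.

    ASSUMPTION (verify against the real panel): an accepted login redirects
    away from the login page or returns a 200 without the password field; a
    rejected login re-renders the form or answers 401/403.
    """
    if resp.status in (401, 403):
        return "rejected"
    if 300 <= resp.status < 400:
        return "rejected" if "login" in resp.location.lower() else "accepted"
    if resp.status == 200:
        return "rejected" if f'name="{PASS_FIELD}"' in resp.body else "accepted"
    return "unknown"


def default_credentials_active(base_url: str, transport: Transport = urllib_transport) -> dict:
    """Submit the documented defaults once and report whether they still work.
    ASSUMPTION: the servlet is reachable at <base_url>/<servlet name>."""
    url = base_url.rstrip("/") + "/" + LOGIN_SERVLET
    form = urllib.parse.urlencode({USER_FIELD: DEFAULT_USERNAME,
                                   PASS_FIELD: DEFAULT_PASSWORD}).encode()
    resp = transport(url, form)
    verdict = classify(resp)
    return {"url": url, "status": resp.status, "verdict": verdict,
            "vulnerable": verdict == "accepted"}


def simulated_panel(remediated: bool) -> Transport:
    """Constructed stand-in for a panel so the check can be exercised offline.
    remediated=False mimics an install still on the defaults."""
    login_form = (f'<form><input name="{USER_FIELD}">'
                  f'<input name="{PASS_FIELD}" type="password"></form>')

    def transport(url: str, form: bytes) -> HttpResponse:
        fields = dict(urllib.parse.parse_qsl(form.decode()))
        on_defaults = (fields.get(USER_FIELD) == DEFAULT_USERNAME
                       and fields.get(PASS_FIELD) == DEFAULT_PASSWORD)
        if on_defaults and not remediated:
            return HttpResponse(302, "", "/mesh/webadmin/home")  # constructed path
        return HttpResponse(200, login_form)
    return transport


if __name__ == "__main__":
    if len(sys.argv) == 2:                       # real check against your own panel
        print(default_credentials_active(sys.argv[1]))
    else:                                        # offline demonstration
        for state in (False, True):
            label = "remediated" if state else "still on defaults"
            print(label, default_credentials_active("http://panel.example",
                                                    simulated_panel(state)))
```

Run it with the base URL of your own panel as the only argument; a `vulnerable: True` result means the defaults were accepted and the account password must be changed immediately. The check deliberately sends exactly one request, follows no redirects and never retries, so it is safe to schedule as a post-change verification and will not itself look like a brute-force attempt in the panel's logs.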
When exploited, this vulnerability can have significant ramifications, including unauthorized access to sensitive personal information of building residents. Attackers can alter, delete, or exfiltrate critical data, manipulate system settings, and interrupt services, leading to potentially severe privacy and operational impacts. Moreover, control over the system could be leveraged to gain physical access to facilities, posing additional security and safety concerns for residents. The potential for widespread exploitation necessitates immediate action to mitigate risks associated with this oversight.