cvedb.io
CVE-2025-57434
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2025-09-22T17:16:08.423 · Last modified 2026-06-17T09:43:07.740

Summary

Creacast Creabox Manager contains a critical authentication flaw that allows an attacker to bypass login validation. The system grants access when the username is creabox and the password begins with the string creacast, regardless of what follows.

Affected products

creacast — creabox_manager

Does this affect you?

Add your gear to cvedb and we'll alert you only when creacast ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.