Description

AiKaan Cloud Controller uses a single hardcoded SSH private key and the username `proxyuser` for remote terminal access to all managed IoT/edge devices. When an administrator initiates "Open Remote Terminal" from the AiKaan dashboard, the controller sends this same static private key to the target device. The device then uses it to establish a reverse SSH tunnel to a remote access server, enabling browser-based SSH access for the administrator. Because the same `proxyuser` account and SSH key are reused across all customer environments: - An attacker who obtains the key (e.g., by intercepting it in transit, extracting it from the remote access server, or from a compromised admin account) can impersonate any managed device. - They can establish unauthorized reverse SSH tunnels and interact with devices without the owner's consent. This is a design flaw in the authentication model: compromise of a single key compromises the trust boundary between the controller and devices.

INFO

Published Date :

2025-09-22T00:00:00.000Z

Last Modified :

2025-09-23T18:13:57.262Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-57601 vulnerability.

Vendors Products
Aikaan
  • Cloud Controller
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-57601.

URL Resource
https://github.com/Shubhangborkar/aikaan-vulnerabilities/blob/main/cve1-shared-ssh-key.md cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact