ThermaKube Master Hard-coded Password Exposure

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.8

ThermaKube Master Hard-coded Password Exposure

CVE-2025-70041

Summary

A hard-coded password in ThermaKube master allows unauthorized access. This weakness poses a significant risk to the security of your system, as an attacker who obtains the password can use it to access and control your ThermaKube master without needing a valid username and password. To mitigate this issue, update your ThermaKube master to the latest version or replace the hard-coded password with a securely generated one.

Original title

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master.

Original description

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master.

https://gist.github.com/zcxlighthouse/cbd6fd6ca486460573e0611ee547f763
https://github.com/oslabs-beta
https://github.com/oslabs-beta/ThermaKube

Published: 11 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026