CVE-2025-41651

Critical CVSS: 9.8

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise.

Vendor

Product

CWE

CWE-306

Yayın Tarihi

2025-05-27 09:15:21

Güncelleme

2025-05-28 15:01:30

Source Identifier

info@cert.vde.com

KEV Date Added

Kategoriler

CWE-306 CRITICAL 2025

Referanslar

https://certvde.com/en/advisories/VDE-2025-044/