CVE-2025-41719

High CVSS: 8.8

A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters which leads to deletion of all previously configured users and the creation of the default Administrator with a known default password.

Vendor

Product

CWE

CWE-1286

Yayın Tarihi

2025-10-22 07:15:33

Güncelleme

2025-10-22 21:12:48

Source Identifier

info@cert.vde.com

KEV Date Added

Kategoriler

CWE-1286 HIGH 2025

Referanslar

https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json