CVE-2025-56007 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

CRLF-injection in KeeneticOS before 4.3 at "/auth" API endpoint allows attackers to take over the device via adding additional users with full permissions by ma…
Medium CVSS: 6.5

CVE-2025-56007

CRLF-injection in KeeneticOS before 4.3 at "/auth" API endpoint allows attackers to take over the device via adding additional users with full permissions by managing the victim to open page with exploit.
Vendor
Keenetic
Product
Keeneticos
CWE
CWE-93
Yayın Tarihi
2025-10-23 15:15:39
Güncelleme
2025-11-04 13:10:02
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-93 Keeneticos MEDIUM Keenetic 2025

Referanslar

https://keenetic.com/ https://keenetic.com/global/security#october-2025-web-api-vulnerabilities