High severity8.8NVD Advisory· Published Oct 14, 2025· Updated Apr 15, 2026
CVE-2025-41699
CVE-2025-41699
Description
An low privileged remote attacker with an account for the Web-based management can change the system configuration to perform a command injection as root, resulting in a total loss of confidentiality, availability and integrity due to improper control of generation of code ('Code Injection').
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.