Medium severity4.3NVD Advisory· Published Oct 22, 2025· Updated Apr 15, 2026
CVE-2025-41720
CVE-2025-41720
Description
A low privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified.
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.