VYPR
Unrated severityNVD Advisory· Published Nov 18, 2025· Updated Nov 18, 2025

Possible malfunction credential injection

CVE-2025-41733

Description

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.