- Description
- An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection in the Main Web Interface (endpoint event_mail_test).
- Source
- info@cert.vde.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- info@cert.vde.com
- CWE-352
- Hype score
- Not currently trending
CVE-2025-41661 Unauthenticated Remote Command Injection in Main Web Interface via CSRF Bypass https://t.co/OH2KNfDw0l
@VulmonFeeds
11 Jun 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-41661 An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection… https://t.co/QlNh3Y9XLO
@CVEnew
11 Jun 2025
101 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-41661: HIGH] Devices are vulnerable to cyber attacks due to lack of Cross-Site Request Forgery protection, allowing remote attackers to run commands with root privileges.#cve,CVE-2025-41661,#cybersecurity https://t.co/bLd6iw5myk https://t.co/EyUsDjxmIk
@CveFindCom
11 Jun 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes