- Description
- Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and BACnet/SC server certificates and keys.
- Source
- info@cert.vde.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 9.1
- Impact score
- 5.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
- Severity
- CRITICAL
- info@cert.vde.com
- CWE-862
- Hype score
- Not currently trending
⚡ New CVE Alert: CVE-2025-41765 📊 Severity: 9.1 🚨 Risk Level: Critical 🧩 Affects: Multiple / Unspecified Products Reference: https://t.co/SdkP4F74Ng #CVE-2025-41765 #CVE #Critical #CyberSecurity #InfoSec https://t.co/QuzgfqJhF9
@CVEarity
9 Mar 2026
1 Impression
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-41765 Unauthenticated Arbitrary File Upload Vulnerability in wwwupload.cgi Endpoint https://t.co/nE3ketsB0I
@VulmonFeeds
9 Mar 2026
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-41765 - Critical Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited... https://t.co/7XXa5QgUDA https://t.co/jC75cnzbVj
@TheHackerWire
9 Mar 2026
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-41765: CRITICAL] Beware of cyber threats! Unauthorized access to wwwupload.cgi endpoint allows attackers to upload and apply arbitrary data like contact images and server certificates.#cve,CVE-2025-41765,#cybersecurity https://t.co/teDhpLVmcW
@CveFindCom
9 Mar 2026
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes