CVE-2025-24522 – KUNBUS Revolution Pi Node-RED Remote Command Execution

May 1, 2025

CVE ID : CVE-2025-24522

Published : May 1, 2025, 7:15 p.m. | 53 minutes ago

Description : KUNBUS Revolution Pi OS Bookworm 01/2025 is vulnerable because authentication is not configured by default for the Node-RED server. This can give an unauthenticated remote attacker full access to the Node-RED server where they can run arbitrary commands on the underlying operating system.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-35996 – KUNBUS PiCtory Stored Cross-Site Scripting (XSS)

Next Article CVE-2025-32011 – KUNBUS PiCtory Authentication Bypass Vulnerability

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Finally, a sleek gaming laptop I can take to the office (without sacrificing power)

These jobs face the highest risk of AI takeover, according to Microsoft

Apple’s tariff costs and iPhone sales are soaring – how long until device prices are too?

5 ways to successfully integrate AI agents into your workplace

Enhancing Laravel Queries with Reusable Scope Patterns

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

Everything We Know About Livewire 4

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

Sam Altman is afraid of OpenAI’s GPT-5 creation — “The Manhattan Project feels very fast, like there are no adults in the room”

9 new features that arrived on the Windows 11 Insider Program during the second half of July 2025

CVE-2025-24522 – KUNBUS Revolution Pi Node-RED Remote Command Execution

This month in security with Tony Anscombe – July 2025 edition

WordPress AI Engine Plugin Bug Allows Remote Code Execution – Update Now

A UN Human Rights Council report lists Microsoft among big tech companies that “profit” from Gaza genocide

CVE-2025-34489 – GFI MailEssentials Remote Code Execution Vulnerability

HNS-2025-10 – HN Security Advisory – Local privilege escalation in Zyxel uOS

Best Prime Day Apple deals: My 15 favorite sales live now

Beyond Text Compression: Evaluating Tokenizers Across Scales

CVE-2025-4420 – Vayu Blocks Stored Cross-Site Scripting (XSS) in WordPress

CVE-2024-41196 – Ocuco Innovation REPORTSERVER.EXE Remote Authentication Bypass and Privilege Escalation Vulnerability

[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach

CVE-2025-24522 – KUNBUS Revolution Pi Node-RED Remote Command Execution

Related Posts