CVE-2025-3758 – WF2220 Information Disclosure in Western Digital Router

May 8, 2025

CVE ID : CVE-2025-3758

Published : May 8, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password.
The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleRilasciata Mesa 25.1: Grafica Open Source al Top con Vulkan 1.4 e PanVK

Next Article CVE-2025-3759 – Netgear IGD Unauthenticated Configuration Change Vulnerability

Highlights

CVE-2025-9731 – Tenda AC9 Hard-Coded Credentials Vulnerability

August 31, 2025

CVE ID : CVE-2025-9731

Published : Aug. 31, 2025, 2:15 p.m. | 11 hours, 12 minutes ago

Description : A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack’s complexity is rated as high. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized.

Severity: 2.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-3758 – WF2220 Information Disclosure in Western Digital Router

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-27531 – Apache InLong Deserialization of Untrusted Data Remote File Read Vulnerability

AMD’s Adrenalin Edition 25.6.2 Driver Brings Day-One Support for Firebreak, Expands FSR 4

CVE-2025-4014 – PHPGurukul Art Gallery Management System SQL Injection Vulnerability

The UX-Dev Relay – How to Pass the Baton Effectively

CVE-2025-9731 – Tenda AC9 Hard-Coded Credentials Vulnerability

IP Lookup – find info about an IP address.

CVE-2025-2414 – Akinsoft OctoCloud Authentication Bypass

PERFIXION 2025: Powering AI Ideas

CVE-2025-3758 – WF2220 Information Disclosure in Western Digital Router

Related Posts