CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

June 24, 2025

CVE ID : CVE-2025-48890

Published : June 24, 2025, 5:15 a.m. | 4 hours, 44 minutes ago

Description : WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be executed.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-41427 – WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN OS Command Injection Vulnerability in Connection Diagnostics Page

Next Article CVE-2025-43877 – WRC-1167GHBK2-S WebGUI Cross-Site Scripting (XSS)

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

CVE-2025-47949 – Samlify SAML Response Signature Wrapping Vulnerability

How to Build Database Seed Scripts for Your Node Application

Subnautica 2 publisher Krafton reportedly delayed it to 2026 — did it just kill a $250 million bonus for devs in the crib?

ConnectWise Patches Critical ViewState RCE Vulnerability in ScreenConnect

CVE-2025-45387 – osTicket Broken Access Control Vulnerability

CVE-2025-5886 – Emlog Cross-Site Scripting Vulnerability

Zelenskyy Signs Law Advancing Cybersecurity of Ukraine’s State Networks and Critical Infrastructure

ConnectWise Cyberattack

CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

Related Posts