CVE-2025-24522 – KUNBUS Revolution Pi Node-RED Remote Command Execution

May 1, 2025

CVE ID : CVE-2025-24522

Published : May 1, 2025, 7:15 p.m. | 53 minutes ago

Description : KUNBUS Revolution Pi OS Bookworm 01/2025 is vulnerable because authentication is not configured by default for the Node-RED server. This can give an unauthenticated remote attacker full access to the Node-RED server where they can run arbitrary commands on the underlying operating system.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-35996 – KUNBUS PiCtory Stored Cross-Site Scripting (XSS)

Next Article CVE-2025-32011 – KUNBUS PiCtory Authentication Bypass Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft could bring Elon Musk’s Grok AI model to Azure — Cozying up with OpenAI’s arch-nemesis xAI for its AI Foundry

Grand Theft Auto 6 has been DELAYED — will now miss 2025 launch window entirely

Satya Nadella says Microsoft’s AI model performance is “doubling every 6 months”, despite the estranged OpenAI partnership

JavaScript Pulse: Weekly Dev Digest – May 2, 2025

JavaScript Pulse: Weekly Dev Digest – May 2, 2025

Making V8 eager to compile your JavaScript

Unlock More from Salesforce with the PrecisionIQ Assessment

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Microsoft could bring Elon Musk’s Grok AI model to Azure — Cozying up with OpenAI’s arch-nemesis xAI for its AI Foundry

Grand Theft Auto 6 has been DELAYED — will now miss 2025 launch window entirely

CVE-2025-24522 – KUNBUS Revolution Pi Node-RED Remote Command Execution

CISA Adds Two New Exploited Vulnerabilities to Its Catalog: CVE-2024-38475 and CVE-2023-44221

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)

QEMU – machine emulator and virtualizer

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

Revolutionizing Adapter Techniques: Qualcomm AIâ€™s Sparse High Rank Adapters (SHiRA) for Efficient and Rapid Deployment in Large Language Models

Whisp, a Pure PHP SSH server, with Ashley Hindle

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks

You can now share Xbox Cloud Gaming links with your friends

Rilasciato Calibre 7.25: Novità e Miglioramenti per la Gestione degli E-book

Latvian Hacker Deniss Zolotarjovs Extradited to U.S. Over Karakurt Ties

CVE-2025-24522 – KUNBUS Revolution Pi Node-RED Remote Command Execution

Related Posts