CVE-2025-44039 – CP-XR-DE21-S 4G Router Firmware UART Console Authentication Bypass

May 13, 2025

CVE ID : CVE-2025-44039

Published : May 13, 2025, 3:15 p.m. | 1 hour, 9 minutes ago

Description : CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a serial connection, read all boot sequence, and revealing internal system details and sensitive information without any authentication.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-44831 – EngineerCMS SQL Injection Vulnerability

Next Article CVE-2025-32756 – Fortinet FortiVoice Buffer Overflow Vulnerability

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

Forget YouTube’s ad blocker war — this Google AI Overviews clone might finally sell me on the $14/month Premium subscription

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

CVE-2025-44039 – CP-XR-DE21-S 4G Router Firmware UART Console Authentication Bypass

CVE-2023-28902 – Skoda MIB3 Infotainment Unit Integer Underflow Denial-of-Service Vulnerability

CVE-2023-28906 – Skoda MIB3 Infotainment Command Injection Vulnerability

CVE-2025-46802 – PuTTY Screen Session Privilege Escalation Vulnerability

CVE-2025-20216 – Cisco Catalyst SD-WAN Manager Cross-Site Scripting (XSS)

CSS Color Functions

OpenAI started as a “countervailing force” to Google — did Elon Musk and Sam Altman torpedo DeepMind’s plans to dictate AGI?

ServiceNow and Nvidia’s new reasoning AI model raises the bar for enterprise AI agents

Fastify (Node.Js Framework): The Secret to Creating Scalable and Secure Business Applications

pdphilip/elasticsearch

DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics

CVE-2025-44039 – CP-XR-DE21-S 4G Router Firmware UART Console Authentication Bypass

Related Posts