CVE-2025-43879 – ZTE WRH-733GBK/WRH-733GWH OS Command Injection

June 24, 2025

CVE ID : CVE-2025-43879

Published : June 24, 2025, 5:15 a.m. | 4 hours, 44 minutes ago

Description : WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability in the telnet function. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be executed.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2962 – Apache DNS DNS Denial-of-Service

Next Article CVE-2025-41427 – WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN OS Command Injection Vulnerability in Connection Diagnostics Page

Highlights

CVE-2025-20186 – “Cisco Wireless LAN Controller Lobby Ambassador Command Injection Vulnerability”

May 7, 2025

CVE ID : CVE-2025-20186

Published : May 7, 2025, 6:15 p.m. | 1 hour, 29 minutes ago

Description : A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device.

This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with privilege level 15.

Note: This vulnerability is exploitable only if the attacker obtains the credentials for a lobby ambassador account. This account is not configured by default.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

July 2, 2025

Xbox Insiders can now try Gaming Copilot in Windows Game Bar

August 6, 2025

“Unstoppable?” ChatGPT Surges to 700 million Weekly Users as Rivals Race to Compete

August 5, 2025

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-43879 – ZTE WRH-733GBK/WRH-733GWH OS Command Injection

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

CVE-2022-44759 – HCL Leap SVG Injection Vulnerability

CVE-2025-37882 – Linux Kernel USB xHCI Isochronous Ring Handling Vulnerability

CVE-2024-43018 – Piwigo SQL Injection Vulnerability

Securing Agentic AI: How to Protect the Invisible Identity Access

CVE-2025-20186 – “Cisco Wireless LAN Controller Lobby Ambassador Command Injection Vulnerability”

Xbox is cancelling Rare’s ‘Everwild’ and ZeniMax’s new MMORPG IP as part of broader cuts — with ‘Perfect Dark’ impacted as well

Xbox Insiders can now try Gaming Copilot in Windows Game Bar

“Unstoppable?” ChatGPT Surges to 700 million Weekly Users as Rivals Race to Compete

CVE-2025-43879 – ZTE WRH-733GBK/WRH-733GWH OS Command Injection

Related Posts