CVE-2025-9589 – Cudy WR1200EA Default Password Disclosure

August 28, 2025

CVE ID : CVE-2025-9589

Published : Aug. 28, 2025, 10:15 p.m. | 3 hours, 47 minutes ago

Description : A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 2.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-9590 – Weaver E-Mobile Mobile Management Platform Cross-Site Scripting Vulnerability

Next Article CVE-2025-58061 – OpenEBS Local PV RawFile World Readable Persistent Volume Data

Highlights

CVE-2025-20213 – Cisco Catalyst SD-WAN Manager Local File System Overwrite Vulnerability

May 7, 2025

CVE ID : CVE-2025-20213

Published : May 7, 2025, 6:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. To exploit this vulnerability, the attacker must have valid read-only credentials with CLI access on the affected system.

This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by running a series of crafted commands on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device and gain privileges of the root user. To exploit this vulnerability, an attacker would need to have CLI access as a low-privilege user.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

August 2025: AI updates from the past month

This 3-in-1 charger has a retractable superpower that’s a must for travel

How a legacy hardware company reinvented itself in the AI age

The 13+ best Walmart Labor Day deals 2025: Sales on Apple, Samsung, LG, and more

You can save up to $700 on my favorite Bluetti power stations for Labor Day

Call for Speakers – JS Conf Armenia 2025

Call for Speakers – JS Conf Armenia 2025

Streamlining Application Automation with Laravel’s Task Scheduler

A Fluent Path Builder for PHP and Laravel

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

My Family Cinema not Working? 12 Quick Fixes

Super-linter – collection of linters and code analyzers

CVE-2025-9589 – Cudy WR1200EA Default Password Disclosure

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

CVE-2025-43963 – LibRaw Out-of-Bounds Access Vulnerability

Vampire Survivors stealth-launches Emerald Diorama DLC, but PlayStation cross-save looks unlikely

CVE-2025-6776 – Xiaoyunjie OpenVPN-CMS-Flask Remote Path Traversal

CVE-2025-36535 – Apache HTTP Server Unauthenticated Remote Access Vulnerability

CVE-2025-20213 – Cisco Catalyst SD-WAN Manager Local File System Overwrite Vulnerability

This lightning-fast Linux distro will hook you the moment you try it

CISA Warns of Linux Kernel Improper Ownership Management Vulnerability Exploited in Attacks

Google to Verify All Android Developers in 4 Countries to Block Malicious Apps

CVE-2025-9589 – Cudy WR1200EA Default Password Disclosure

Related Posts