CVE-2025-22906 | RE11S 1.11 /goform/setWAN L2TPUserName command injection

Inserito da Angelo Barbosa | Gen 16, 2025 | CVE

A vulnerability was found in RE11S 1.11 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/setWAN. The manipulation of the argument L2TPUserName leads to command injection.

This vulnerability is handled as CVE-2025-22906. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2025-22906 | RE11S 1.11 /goform/setWAN L2TPUserName command injection

Post correlati

CVE-2023-48082 | Nagios XI up to 5.11.2 API Key random values

CVE-2024-27937 | GLPI up to 10.0.12 improper authorization

CVE-2024-6998 | Google Chrome up to 126.0.6478.182 User Education use after free

CVE-2024-8658 | wpexpertsio myCred Plugin up to 2.7.3 on WordPress mycred_update_database authorization