CVE-2025-7769 | Tigo Energy Cloud Connect Advanced up to 4.0.1 /cgi-bin/mobile_api DEVICE_PING command injection (icsa-25-217-02)

Inserito da Angelo Barbosa | Ago 6, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Tigo Energy Cloud Connect Advanced up to 4.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mobile_api. The manipulation of the argument DEVICE_PING leads to command injection.

This vulnerability is handled as CVE-2025-7769. The attack may be launched remotely. There is no exploit available.

CVE-2025-7769 | Tigo Energy Cloud Connect Advanced up to 4.0.1 /cgi-bin/mobile_api DEVICE_PING command injection (icsa-25-217-02)

Post correlati

CVE-2024-45558 | Qualcomm Snapdragon Auto up to X75 5G Modem-RF System EXTN Element ID Parser buffer over-read

CVE-2024-56772 | Linux Kernel up to 6.12.3 kunit_init_suite use after free

CVE-2024-1596 | Ninja Forms File Uploads Plugin up to 3.3.16 on WordPress File Upload cross site scripting

CVE-2024-7900 | xiaohe4966 TpMeCMS 1.3.3.2 Basic Configuration config cross site scripting