CVE-2025-5437 | Multilaser Sirius RE016 MLT1.0 Password Change /cgi-bin/cstecgi.cgi improper authentication

Inserito da Angelo Barbosa | Giu 1, 2025 | CVE

A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Password Change Handler. The manipulation leads to improper authentication.

This vulnerability is traded as CVE-2025-5437. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5437 | Multilaser Sirius RE016 MLT1.0 Password Change /cgi-bin/cstecgi.cgi improper authentication

Post correlati

CVE-2024-31402 | Cybozu Garoon up to 5.15.2 Shared To-Do improper authentication

CVE-2025-0702 | JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d SysFileController.java portraitFile unrestricted upload

CVE-2024-13589 | johnnya23 YouTube Playlists with Schema Plugin up to 2.6.1 on WordPress Shortcode yt_grid cross site scripting

CVE-2023-44151 | Brainstorm Force Pre-Publish Checklist Plugin up to 1.1.1 on WordPress authorization