CVE-2025-5437 | Multilaser Sirius RE016 MLT1.0 Password Change /cgi-bin/cstecgi.cgi improper authentication

Inserito da Angelo Barbosa | Giu 1, 2025 | CVE

A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Password Change Handler. The manipulation leads to improper authentication.

This vulnerability is traded as CVE-2025-5437. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5437 | Multilaser Sirius RE016 MLT1.0 Password Change /cgi-bin/cstecgi.cgi improper authentication

Post correlati

CVE-2024-37481 | RadiusTheme Post Grid Plugin up to 7.7.4 on WordPress authorization

CVE-2025-5024 | GNOME gnome-remote-desktop RDP PDU resource consumption

CVE-2023-49147 | geek Software PDF24 Creator up to 11.15.1 MSI Installer Local Privilege Escalation

CVE-2021-34957 | Foxit PDF Editor 11.0.0.49893 Highlight Annotation use after free (ZDI-21-1188)