Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2025
CVE-2025-5000
A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function control_panel_sw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
5.3
EPSS Score
0.019
Published
2025-05-20
CVE-2025-44880
A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input.
CVSS Score
9.8
EPSS Score
0.13
Published
2025-05-20
CVE-2025-44882
A command injection vulnerability in the component /cgi-bin/firewall.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input.
CVSS Score
9.8
EPSS Score
0.13
Published
2025-05-20
CVE-2025-44883
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-05-20
CVE-2025-44891
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-05-20
CVE-2025-44894
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parameter in the web_radiusSrv_dftParam_post function.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-05-20
CVE-2025-44896
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName parameter in the web_acl_bindEdit_post function.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-05-20
CVE-2025-44897
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip parameter in the web_tool_upgradeManager_post function.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-05-20
CVE-2025-44898
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-05-20
CVE-2025-44885
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip parameter in the web_snmpv3_remote_engineId_add_post function.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-05-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved