4 matches found
CVE-2025-43988
KuWFi 5G01-X55 FL2020V0.0.12 devices expose an unauthenticated API endpoint ajaxget.cgi, allowing remote attackers to retrieve sensitive configuration data, including admin credentials...
PT-2025-33072 · Kuwfi · Kuwfi 5G01-X55
Name of the Vulnerable Software and Affected Versions: KuWFi 5G01-X55 version FL2020 V0.0.12 Description: KuWFi 5G01-X55 devices expose an unauthenticated API endpoint ajax get.cgi, allowing remote attackers to retrieve sensitive configuration data, including admin credentials. Recommendations:...
CVE-2025-43988
KuWFi 5G01-X55 FL2020V0.0.12 devices expose an unauthenticated API endpoint ajaxget.cgi, allowing remote attackers to retrieve sensitive configuration data, including admin credentials...
CVE-2025-43988
CVE-2025-43988 affects KuWFi 5G01‑X55 FL2020_V0.0.12. The device exposes an unauthenticated API endpoint (ajax_get.cgi), enabling remote retrieval of sensitive configuration data including admin credentials. Mitigation: disable or restrict access to the ajax_get.cgi endpoint (per PT‑security entr...