CVE-2025-56009

Cross site request forgery CSRF vulnerability in KeeneticOS before 4.3 at "/rci" API endpoint allows attackers to take over the device via adding additional users with full permissions by managing the victim to open page with exploit...

PT-2025-43521

Name of the Vulnerable Software and Affected Versions KeeneticOS versions prior to 4.3 Description A cross site scripting XSS issue exists in KeeneticOS. This flaw, found at the "Wireless ISP" page, could allow an attacker in close proximity to the router to gain control of the device by adding n...