3 matches found
CVE-2025-56008
Cross site scripting XSS vulnerability in KeeneticOS before 4.3 at "Wireless ISP" page allows attackers located near to the router to takeover the device via adding additional users with full permissions...
PT-2025-43522
Name of the Vulnerable Software and Affected Versions KeeneticOS versions prior to 4.3 Description A cross site request forgery CSRF issue exists in KeeneticOS. The issue is present in the ''/rci'' API endpoint and allows attackers to gain control of the device by adding users with full...
PT-2025-43520
Name of the Vulnerable Software and Affected Versions KeeneticOS versions prior to 4.3 Description A CRLF-injection flaw exists in KeeneticOS prior to version 4.3. This issue is present at the /auth API endpoint and could allow attackers to gain control of the device. Exploitation involves adding...