Security Advisory

CVE-2025-3759

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-08 10:05:07

Last updated 2025-05-08 13:40:38

Assigner CERT-PL

State PUBLISHED

Description

Endpoint /cgi-bin-igd/netcore_set.cgi which is used for changing device configuration is accessible without authentication. This poses a significant security threat allowing for e.g: administrator account hijacking or AP password changing. The vendor was contacted early about this disclosure but did not respond in any way.

← Browse all CVEs View on cve.org ↗