CVE-2025-2983

Name of the Vulnerable Software and Affected Versions Legrand SMS PowerView versions 1.x

Description A critical issue has been discovered, affecting an unknown functionality. The manipulation of the redirect argument leads to os command injection. The exploit has been publicly disclosed. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Legrand SMS PowerView versions 1.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of the redirect argument to minimize the risk of exploitation.