CVE-2025-41662

Name of the Vulnerable Software and Affected Versions The product name cannot be determined.

Description An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to a lack of Cross-Site Request Forgery (CSRF) protection in the Main Web Interface, specifically the endpoint "tls iotgen setting".

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.