CVE-2025-3626

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined.

Description: A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command while uploading a config file via webUI.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.