CVE-2025-43983

Name of the Vulnerable Software and Affected Versions KuWFi CPF908-CP5 WEB5.0 LCD 20210125

Description Unauthenticated access control issues exist within the endpoints 'goform/goform set cmd process' and 'goform/goform get cmd process'. These flaws allow an unauthenticated attacker to retrieve sensitive information, such as the device admin username and password, modify critical device settings, and send arbitrary SMS messages.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.