CVE-2025-61235

Name of the Vulnerable Software and Affected Versions Dataphone A920 version 2025.07.161103

Description A crafted packet, based on public documentation, can be sent to the device. Normally, the device should reject packets with arbitrary or trivial data in certain fields. However, due to insufficient validation, the device accepts these packets without authentication and triggers functionality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.