CVE-2025-41651CRITICAL 9.8EPSS p39.5%

CVE-2025-41651CVE-2025-41651

Description

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.51% probability of exploitation · percentile 39.5% · 2026-06-18T12:00:27Z
Published2025-05-27
Last modified2026-04-15

Underlying weaknesses· 1

CWE-306

References

  1. https://certvde.com/en/advisories/VDE-2025-044/

1

TypeTargetConfidenceTier
WeaknessMissing Authentication for Critical Functioncwe-3060%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-3090
CVE
CVE-2025-41652
CVE
CVE-2025-41661
CVE
CVE-2025-0592
CVE
CVE-2025-6542
CVE
CVE-2025-6541
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.