CVE-2025-41710
published 2026-03-10
CVE-2025-41710: An unauthenticated remote attacker may use hard-coded credentials to get access to the previously activated FTP Server with limited read and write privileges.
Priority P3 · 43 · medium · 6.5 · CVSS 3.1
AV:N / AC:L / PR:N / UI:N / S:U / C:L / I:L / A:N
EPSS: 0.39% (30.6th percentile)
An unauthenticated remote attacker may use hard-coded credentials to get access to the previously activated FTP Server with limited read and write privileges.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| janitza | umg_96rm-e_230v | 0.0 – 3.13 | — |
| janitza | umg_96rm-e_24v | 0.0 – 3.13 | — |
| weidmueller | energy_meter_750-230 | 0.0 – 3.13 | — |
| weidmueller | energy_meter_750-24 | 0.0 – 3.13 | — |
CVSS provenance
nvd · v3.1 · 6.5 · MEDIUM · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
cisa · 7.2 · HIGH
GHSA
GHSA-65h5-c5p7-m3fp: An unauthenticated remote attacker may use hard-coded credentials to get access to the previously activated FTP Server with limited read and write priv
ghsa_unreviewed·2026-03-10
CVE-2025-41710 [MEDIUM] CWE-798 GHSA-65h5-c5p7-m3fp: An unauthenticated remote attacker may use hard-coded credentials to get access to the previously activated FTP Server with limited read and write priv
An unauthenticated remote attacker may use hard-coded credentials to get access to the previously activated FTP Server with limited read and write privileges.
CISA
Mitel SIP Phones Argument Injection Vulnerability
cisa·2025-02-12·CVSS 7.2
CVE-2024-41710 [HIGH] CWE-88 Mitel SIP Phones Argument Injection Vulnerability
Vulnerability: Mitel SIP Phones Argument Injection Vulnerability
Affected: Mitel SIP Phones
Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, contain an argument injection vulnerability due to insufficient parameter sanitization during the boot process. Successful exploitation may allow an attacker to execute arbitrary commands within the context of the system.
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes: https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0019-001-v2.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2024-41710
Remediation Due Date: 2025-03-05
Suricata
ET WEB_SPECIFIC_APPS Mitel 6800 802.1x Support Command Injection (CVE-2024-41710)
suricata·2025-01-30·CVSS 7.2
CVE-2024-41710 [HIGH] ET WEB_SPECIFIC_APPS Mitel 6800 802.1x Support Command Injection (CVE-2024-41710)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Mitel 6800 802.1x Support Command Injection (CVE-2024-41710)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/8021xsupport.html"; fast_pattern; http.request_body; content:"802|2e|1x|2b|identity|3d|"; pcre:"/^[^\x26]*?\x25(?:\x21d\x28|dt)/R"; reference:url,www.akamai.com/blog/security-research/2025-january-new-aquabot-mirai-variant-exploiting-mitel-phones; reference:cve,2024-41710; classtype:web-application-attack; sid:2059785; rev:1; metadata:affected_product Mitel, attack_target Server, tls_state TLSDecrypt, created_at 2025_01_30, cve CVE_2024_41710, deployment Perimeter, deployment Internal, deploym
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-03-10