CVE-2025-43984
published 2025-08-14CVE-2025-43984: An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software Version: GC111-GL-LM321_V3.0_20191211). They are vulnerable to…
PriorityP181critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
18.23%
96.9th percentile
An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software Version: GC111-GL-LM321_V3.0_20191211). They are vulnerable to unauthenticated /goform/goform_set_cmd_process requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary OS commands with root privileges.
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://drive.proton.me/urls/1NRPNBE678#lFyUYIRIBZO5https://github.com/actuator/cve/blob/main/Kuwfi/CVE-2025-43984.txthttps://github.com/actuator/cve/tree/main/kuwfihttps://www.kuwfi.com/products/300mbps-industrial-router-cat4-4g-cpe-router-extender-strong-wifi-signal-suport-32wifi-users-with-sim-card-slot-95
2025-08-14
Published