CVE-2025-34103P2CRITICALCVSS 9.3PoCfixed in 2.2.3.02025-07-15
CVE-2025-34103 [CRITICAL] CWE-78 CVE-2025-34103: An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware versions p
An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware versions prior to 2.2.3.0, due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The Client parameter is not sanitized before being passed to a system call, allowing an unauthenticated remote attacker to execute arbitrary commands as t
nvd