CVE-2025-43989 Information

Aug 14, 2025 cve

Description

The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices mishandles the set_timesetting action with the ntpserver0 parameter which is used in a system command. By setting a username=admin cookie (bypassing normal session checks) an unauthenticated attacker can use that parameter to execute arbitrary OS commands.

Reference

https://drive.proton.me/urls/H7J1DPNA00#XrmRLENzyZAp https://drive.proton.me/urls/H7J1DPNA00#XrmRLENzyZAp https://drive.proton.me/urls/QDVK6E2SBR#8LlpbHWzHdmr https://drive.proton.me/urls/QDVK6E2SBR#8LlpbHWzHdmr https://github.com/actuator/cve/blob/main/Tuoshi/CVE-2025-43989.txt https://github.com/actuator/cve/tree/main/Tuoshi

CNNVD-202508-1438 (Published: 2025-08-13)

Share on:

CVE-2025-43989 Information

Description

Reference

Related CNNVD