High
CVSS 8.8
Overview
An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection.
CVE-2025-41661
An unauthenticated remote attacker can execute arbitrary commands with root priv...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 8.8 (HIGH)
- Detected tags: csrf (tag impact: MODERATE)
Recommended actions:
- CSRF tokens, SameSite=Strict for cookies, validate Origin/Referer.