CVE-2025-44039

MEDIUM Year: 2025
CVSS v3 Score
5.1
Medium
Weakness Type
CWE-306
View all →

Vulnerability Description

CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a serial connection, read all boot sequence, and revealing internal system details and sensitive information without any authentication.

Related Vulnerabilities

CVE-2024-57055

MEDIUM
CVSS:5.0(Medium)

Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow unauthorized users to potentially call certain services without the necessary access level. This issue is limit...

CWE-3062024

CVE-2023-29061

MEDIUM
CVSS:5.2(Medium)

There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to the workstation can potentially exploit this vulnerability to access the BIOS configuration and modify t...

CWE-3062023

CVE-2023-6949

MEDIUM
CVSS:5.2(Medium)

A Missing Authentication for Critical Function issue affecting the HTTP service running on the DJI Mavic Mini 3 Pro on the standard port 80 could allow an attacker to enumerate and download videos and...

CWE-3062023

CVE-2019-20105

MEDIUM
CVSS:4.9(Medium)

The EditApplinkServlet resource in the Atlassian Application Links plugin before version 5.4.20, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 b...

CWE-3062019

CVE-2020-19670

MEDIUM
CVSS:4.9(Medium)

In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords.

CWE-3062020

CVE-2021-32659

MEDIUM
CVSS:4.9(Medium)

Matrix-appservice-bridge is the bridging service for the Matrix communication program's application services. In versions 2.6.0 and earlier, if a bridge has room upgrade handling turned on in the conf...

CWE-3062021