Vulnerabilities

CVE-2025-49162

by Fred · 03/06/2025

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file overwrite via TFTP because a remote filename with a space character allows an attacker to control the local filename.

Assigner : cve@mitre.org

More information : https://full-disclosure.eu/reports/2025/FDEU-CVE-2025-1c00-arris-bootloader-shell-injection.html

Similar

Tags: Cybersecurity Alert