Vulnerability Database

299,879

Total vulnerabilities in the database

CVE-2025-43988

KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi), allowing remote attackers to retrieve sensitive configuration data, including admin credentials.

Published: Aug 13, 2025
Updated: Aug 14, 2025
CVE: CVE-2025-43988
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://drive.proton.me/urls/9EB08033PW#2b7dTc2x705W
https://github.com/actuator/cve/blob/main/Kuwfi/CVE-2025-43988.txt
https://github.com/actuator/cve/tree/main/Kuwfi
https://kuwfi.com/products/nsa-sa-25gbps-kuwfi-6000mah-wifi-router-5g-dual-band-128users-portable-5g-wifi-router-with-sim-card-slot

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo