CVE-2025-43983

Published: Aug 14, 2025

Modified: Aug 15, 2025

PUBLISHED

Description

KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices have multiple unauthenticated access control vulnerabilities within goform/goform_set_cmd_process and goform/goform_get_cmd_process. These allow an unauthenticated attacker to retrieve sensitive information (including the device admin username and password), modify critical device settings, and send arbitrary SMS messages.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/actuator/cve/tree/main/KuWfi

https://drive.proton.me/urls/CN629YJ3F4#NUgX6IB4clos

https://github.com/actuator/cve/blob/main/Kuwfi/CVE-2025-43983.txt

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-43983

Description

Affected Products

References