CVE-2025-43984

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://drive.proton.me/urls/1NRPNBE678#lFyUYIRIBZO5", "name": "https://drive.proton.me/urls/1NRPNBE678#lFyUYIRIBZO5", "tags": [], "refsource": ""}, {"url": "https://github.com/actuator/cve/blob/main/Kuwfi/CVE-2025-43984.txt", "name": "https://github.com/actuator/cve/blob/main/Kuwfi/CVE-2025-43984.txt", "tags": [], "refsource": ""}, {"url": "https://github.com/actuator/cve/tree/main/kuwfi", "name": "https://github.com/actuator/cve/tree/main/kuwfi", "tags": [], "refsource": ""}, {"url": "https://www.kuwfi.com/products/300mbps-industrial-router-cat4-4g-cpe-router-extender-strong-wifi-signal-suport-32wifi-users-with-sim-card-slot-95", "name": "https://www.kuwfi.com/products/300mbps-industrial-router-cat4-4g-cpe-router-extender-strong-wifi-signal-suport-32wifi-users-with-sim-card-slot-95", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software Version: GC111-GL-LM321_V3.0_20191211). They are vulnerable to unauthenticated /goform/goform_set_cmd_process requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary OS commands with root privileges."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-43984", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2025-08-14T14:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-15T13:15Z"}