CVE-2025-43875 – iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 – Authenticated web application command injection – getOptionsInfo

CVE ID : CVE-2025-43875

Published : Dec. 24, 2025, 3:19 p.m. | 1 hour, 2 minutes ago

Description : Under certain circumstances the web application may allow an authenticated attacker to gain privileged access (‘root’
user) to the device

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-68750 – usb: potential integer overflow in usbg_make_tpg()

CVE-2025-43876 – iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 – Authenticated web application command injection – get8021xSettings

CVE-2025-60935 – Blitz Panel Open Redirect Vulnerability

CVE-2025-2155 – Arbitrary File Upload in EchoCCS’s Specto CM