CVE-2025-3626 – Apache Device OS Command Injection

CVE ID : CVE-2025-3626

Published : July 7, 2025, 10:15 a.m. | 58 minutes ago

Description : A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command (‘OS Command Injection’) while uploading a config file via webUI.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…