Keeneticos

keeneticos

Vendor: Keenetic • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-56009 1Keenetic 1Keeneticos May 20, 2026 Oct 23, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Cross site request forgery (CSRF) vulnerability in KeeneticOS before 4.3 at "/rci" API endpoint allows attackers to take over the device via adding additional users with full permissions by managing the victim to open pa...Show more Cross site request forgery (CSRF) vulnerability in KeeneticOS before 4.3 at "/rci" API endpoint allows attackers to take over the device via adding additional users with full permissions by managing the victim to open page with exploit.Show less
CVE-2025-56008 1Keenetic 1Keeneticos May 20, 2026 Oct 23, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross site scripting (XSS) vulnerability in KeeneticOS before 4.3 at "Wireless ISP" page allows attackers located near to the router to takeover the device via adding additional users with full permissions.
CVE-2025-56007 1Keenetic 1Keeneticos May 20, 2026 Oct 23, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 CRLF-injection in KeeneticOS before 4.3 at "/auth" API endpoint allows attackers to take over the device via adding additional users with full permissions by managing the victim to open page with exploit.