CVE-2025-41646

Summary

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device

Affected Software

VendorProductVersion RangeStatus
KunbusRevolution Pi webstatus0.0.0 <= 2.4.5affected

Weaknesses

  • CWE-704: CWE-704 Incorrect Type Conversion or Cast

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References