CVE-2025-56007

6.5 MEDIUM

CRLF-injection in KeeneticOS before 4.3 at "/auth" API endpoint allows attackers to take over the device via adding additional users with...

Published: 2025-10-23 · Last updated: 2026-05-20

Severity and scoring

CVSS: 6.5 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE: CWE-93

Affected products

Vendor	Product
keenetic	keeneticos

Description

CRLF-injection in KeeneticOS before 4.3 at "/auth" API endpoint allows attackers to take over the device via adding additional users with full permissions by managing the victim to open page with exploit.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2025-56007
[Other]https://github.com/notdenied/writeups/blob/main/CVE/CVE-2025-56007.md
[Other]https://keenetic.com/
[Vendor advisory]https://keenetic.com/global/security#october-2025-web-api-vulnerabilities

Related CVEs

Same vendor

CVE-2025-56009 — Cross site request forgery (CSRF) vulnerability in KeeneticOS before 4.3 at "/rci" API endpoint allows attackers to take over the device ... (5.3 MEDIUM)
CVE-2025-56008 — Cross site scripting (XSS) vulnerability in KeeneticOS before 4.3 at "Wireless ISP" page allows attackers located near to the router to t... (6.1 MEDIUM)

Same CWE

CVE-2026-12143 — form-data is a library for creating readable multipart/form-data streams (7.5 HIGH)
CVE-2026-50629 — The 'clientId' parameter from incoming HTTP requests is directly concatenated into OAuth2 server log warning messages without sanitizing ... (5.3 MEDIUM)
CVE-2026-49214 — guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP (5.3 MEDIUM)
CVE-2026-50639 — Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections (6.5 MEDIUM)
CVE-2026-50638 — Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections (9.1 CRITICAL)