An unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers and gain arbitrary command execution with elevated privileges.CreditsONEKEY Research LabsReferenceshttps://certvde.com/en/advisories/VDE-2025-052