CVE-2025-41663

An unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers and gain arbitrary command execution with elevated privileges.

Credits

ONEKEY Research Labs

References