Public CVE-2025-43986 disclosure

KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi), allowing remote attackers to retrieve sensitive configuration data, including admin credentials.

Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.

Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.