Authenticated Remote Code Execution in PowerStick Wave Dual-Band Wifi Extender
CVE-2025-29534
Currently unrated
What is CVE-2025-29534?
An authenticated remote code execution vulnerability exists in the PowerStick Wave Dual-Band Wifi Extender V1.0, enabling attackers with valid user credentials to execute arbitrary commands with root privileges. This vulnerability arises from a lack of sufficient input sanitization in the execution of commands from the /cgi-bin/cgi_vista.cgi script, leading to the potential for system-level compromise. Users are advised to ensure that their devices are updated to the latest version to mitigate this risk.