CVE-2025-44039 — MEDIUM (5.1)

Vulnerability Description

CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a serial connection, read all boot sequence, and revealing internal system details and sensitive information without any authentication.

CVSS Score

5.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Cpplusworld	Cp-Xr-De21-S Firmware	1.031.022
Cpplusworld	Cp-Xr-De21-S	-

Related Weaknesses (CWE)

CWE-306

References

https://github.com/Yashodhanvivek/CP-XR-DE21-S--4G-Router-Vulnerabilities/blob/mExploitThird Party Advisory

FAQ

What is CVE-2025-44039?

CVE-2025-44039 is a vulnerability with a CVSS score of 5.1 (MEDIUM). CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a seri...

How severe is CVE-2025-44039?

CVE-2025-44039 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-44039?

Check the references section above for vendor advisories and patch information. Affected products include: Cpplusworld Cp-Xr-De21-S Firmware, Cpplusworld Cp-Xr-De21-S.