CVE-2025-24349

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Apr 30, 2025
Updated: May 2, 2025
CWE ID 183

Summary

CVE-2025-24349 is a vulnerability affecting the "Network Interfaces" functionality of the ctrlX OS web application. This issue grants remote, low-privileged attackers the ability to delete the configuration of physical network interfaces by sending a specially crafted HTTP request. Successful exploitation could lead to disrupted network connectivity or other unintended consequences. This vulnerability poses a potential risk to the availability and integrity of network infrastructure. Organizations using ctrlX OS should apply the necessary patches to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share