{"id":64215,"date":"2025-08-21T12:14:19","date_gmt":"2025-08-21T12:14:19","guid":{"rendered":""},"modified":"2025-09-10T17:19:57","modified_gmt":"2025-09-10T23:19:57","slug":"cve-2025-43983-multiple-unauthenticated-access-control-vulnerabilities-in-kuwfi-cpf908-cp5-devices","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-43983-multiple-unauthenticated-access-control-vulnerabilities-in-kuwfi-cpf908-cp5-devices\/","title":{"rendered":"CVE-2025-43983: Multiple Unauthenticated Access Control Vulnerabilities in KuWFi CPF908-CP5 Devices<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cybersecurity world is rife with threats, and one such vulnerability that has recently rocked the scene is CVE-2025-43983. This vulnerability is present in KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices, making them susceptible to unauthenticated access. This vulnerability is not only a threat to the security<\/a> of these devices, but it also poses a significant risk to the data and information stored within. The devices become an easy target for attackers who can retrieve sensitive information<\/a>, modify device settings and send arbitrary SMS messages without any authentication. This vulnerability is of particular concern to organizations that rely heavily on these devices, as it can lead to severe data leakage and potential system<\/a> compromise.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-43983
\nSeverity: Critical (9.1 CVSS Score)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Unauthorized access<\/a> to sensitive information, ability to modify critical device settings, and send arbitrary SMS messages<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n