AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-44179: Hitron CGNF-TWN 3.1.1.43-TWN-pre3 contains a command injection vulnerability in the telnet service. The issue arises due

mediumvulnerability

security

Source: NVD/CVE DatabaseAugust 25, 2025CVE-2025-44179

Summary

Hitron CGNF-TWN version 3.1.1.43-TWN-pre3 has a command injection vulnerability (a flaw where an attacker can hide malicious commands in normal input) in its telnet service (a text-based remote access tool). An attacker can exploit this by sending crafted input through telnet to achieve RCE (remote code execution, where they can run commands on the device), potentially gaining unauthorized access to system settings and sensitive data.

Vulnerability Details

CVSS Score

6.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.4%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-77

CAPEC (Attack Pattern)

CAPEC-88

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-44179

First tracked: February 15, 2026 at 08:52 PM

Classified by LLM (prompt v3) · confidence: 95%