RCE in Asus Router

CVE-2025-59370

A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.003 (49.5th percentile) — read the EPSS interpretation.