Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates.

CVE-2025-41764 is a high-severity vulnerability caused by insufficient authorization enforcement. An unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates to affected systems. This vulnerability allows complete bypass of authorization controls, potentially leading to system compromise. The flaw exists in the web interface's update mechanism, specifically targeting the wwwupdate.cgi script. Remote exploitation is possible without authentication, making this a critical security issue requiring immediate attention.