Kunbus Product Security Update Advisory (CVE-2025-41646)

Overview

We have released a security update to address a vulnerability in our Kunbus products. Users of affected products are advised to update to the latest version.

 

 

Affected Products

 

CVE-2025-41646

 

Revolution Pi webstatus version: 2.4.5 and earlier

Revolution Pi Revolution Pi OS version: Bullseye 04/2024, 09/2023, 07/2023, 06/2023, 02/2024

 

 

Resolved Vulnerabilities

 

Authentication bypass vulnerability due to improper implementation of authentication algorithm in Revolution Pi webstatus (CVE-2025-41646)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-41646

 

Revolution Pi webstatus version: 2.4.6

 

 

Referenced Sites

 

[1] Kunbus-2025-0000003: Authentication Bypass in RevPi Webstatus
https://www.kunbus.com/en/productsecurity/Kunbus-2025-0000003