CVE-2025-70341 - Vulnerability Analysis
HighCVSS: 7.8Last Updated: March 5, 2026
App-Auto-Patch - Race Condition
Overview
App-Auto-Patch v3.4.2 contains a race condition caused by insecure permissions, letting attackers write arbitrary files remotely, exploit requires no special privileges.
Severity & Score
Impact
Attackers can write arbitrary files, potentially leading to code execution or system compromise.
Mitigation
Update to the latest version.
References
Social Media Activity(2 posts)
š CVE-2025-70341 - High (7.8) Insecure permissions in App-Auto-Patch v3.4.2 create a race condition which allows attackers to write arbitrary files. š https://www.thehackerwire.com/vulnerability/CVE-2025-70341/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postš CVE-2025-70341 - High (7.8) Insecure permissions in App-Auto-Patch v3.4.2 create a race condition which allows attackers to write arbitrary files. š https://www.thehackerwire.com/vulnerability/CVE-2025-70341/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postGitHub Repositories(1 repo)
Related Resources
Details
- CVE ID
- CVE-2025-70341
- Severity
- High
- CVSS Score
- 7.8
- Type
- race_condition
- Status
- confirmed
- EPSS
- 1.8%
- Social Posts
- 2
CWE
- CWE-94
CVSS Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H