CVE-2026-25789 — Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware file — CVE Database · The Intelligence Room