CVE-2025-45835 | Netis WF2880 2.1.40207 Environment Variable cgitest.cgi FUN_004904c8 CONTENT_LENGTH null pointer dereference

Inserito da Angelo Barbosa | Mag 12, 2025 | CVE

A vulnerability classified as problematic has been found in Netis WF2880 2.1.40207. This affects the function FUN_004904c8 of the file cgitest.cgi of the component Environment Variable Handler. The manipulation of the argument CONTENT_LENGTH leads to null pointer dereference.

This vulnerability is uniquely identified as CVE-2025-45835. The attack can only be initiated within the local network. There is no exploit available.

CVE-2025-45835 | Netis WF2880 2.1.40207 Environment Variable cgitest.cgi FUN_004904c8 CONTENT_LENGTH null pointer dereference

Post correlati

CVE-2024-21498 | greenpau caddy-security HTTP Header X-Forwarded-Host server-side request forgery (Issue 269)

CVE-2024-36138 | Node.js up to 18.20.3/20.15.0/22.4.0 on Windows Incomplete Fix CVE-2024-27980 child_process.spawn/child_process.spawnSync command injection

CVE-2023-41973 | Zscaler Client Connector prior 4.3.0.121 on Windows ZSATray previousInstallerName path traversal

CVE-2024-42496 | Techno Support Company Smart-tab Android App credentials storage