CVE-2025-13797 | ADSLR B-QE2W401 250814-r037c /send_order.cgi parameterdel_swifimac command injection

Inserito da Angelo Barbosa | Nov 30, 2025 | CVE

A vulnerability was found in ADSLR B-QE2W401 250814-r037c. It has been classified as critical. Affected by this issue is the function parameterdel_swifimac of the file /send_order.cgi. Performing manipulation of the argument del_swifimac results in command injection.

This vulnerability is reported as CVE-2025-13797. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13797 | ADSLR B-QE2W401 250814-r037c /send_order.cgi parameterdel_swifimac command injection

Post correlati

CVE-2024-11645 | Float Block Plugin up to 1.7 on WordPress Setting cross site scripting

CVE-2024-42994 | VTiger CRM up to 8.1.0 MailManager CompanyDetails sql injection

CVE-2024-6036 | gaizhenbiao ChuanhuChatGPT up to 20240410 /queue/join fn_index resource consumption

CVE-2024-24795 | Apache HTTP Server up to 2.4.58 Module response splitting