CVE-2025-13798 | ADSLR NBR1005GPEV2 250814-r037c /send_order.cgi ap_macfilter_add mac command injection

Inserito da Angelo Barbosa | Nov 30, 2025 | CVE

A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. It has been declared as critical. This affects the function ap_macfilter_add of the file /send_order.cgi. Executing manipulation of the argument mac can lead to command injection.

This vulnerability appears as CVE-2025-13798. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13798 | ADSLR NBR1005GPEV2 250814-r037c /send_order.cgi ap_macfilter_add mac command injection

Post correlati

CVE-2024-13789 | matiskiba ravpage Plugin up to 2.31 on WordPress paramsv2 deserialization

CVE-2025-58148 | Xen Viridian Hypercall send_ipi out-of-bounds

CVE-2024-5557 | Schneider Electric SpaceLogic AS-P/SpaceLogic AS-B up to 5.0.3 SNMP Credentials log file (SEVD-2024-163-04)

CVE-2023-51810 | StackIdeas EasyDiscuss up to 5.0.9 Users Module search sql injection