CVE-2025-14706 | Shiguangwu sgwbox N3 2.0.25 NETREBOOT Interface http_eshell_server command injection

Inserito da Angelo Barbosa | Dic 14, 2025 | CVE

A vulnerability, which was classified as critical, was found in Shiguangwu sgwbox N3 2.0.25. This impacts an unknown function of the file /usr/sbin/http_eshell_server of the component NETREBOOT Interface. Such manipulation leads to command injection.

This vulnerability is uniquely identified as CVE-2025-14706. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-14706 | Shiguangwu sgwbox N3 2.0.25 NETREBOOT Interface http_eshell_server command injection

Post correlati

CVE-2024-44400 | D-Link DI-8400 16.07.26A1 upgrade_filter_asp command injection

CVE-2024-0813 | Google Chrome prior 121.0.6167.85 use after free

CVE-2024-13530 | zia-imtiaz Custom Login Page Styler Plugin up to 7.1.1 on WordPress lps_handle_delete_all_logs authorization

CVE-2025-49641 | Zabbix up to 6.0.40/7.0.17/7.2.11/7.4.1 Monitoring authorization