CVE-2025-32459 | ON Semiconductor Quantenna Wi-Fi Chipset up to 8.0.0.28 router_command.sh sync_time argument injection (EUVD-2025-17405)

Inserito da Angelo Barbosa | Giu 9, 2025 | CVE

A vulnerability classified as critical has been found in ON Semiconductor Quantenna Wi-Fi Chipset up to 8.0.0.28. Affected is an unknown function of the file router_command.sh. The manipulation of the argument sync_time leads to argument injection.

This vulnerability is traded as CVE-2025-32459. Local access is required to approach this attack. There is no exploit available.

CVE-2025-32459 | ON Semiconductor Quantenna Wi-Fi Chipset up to 8.0.0.28 router_command.sh sync_time argument injection (EUVD-2025-17405)

Post correlati

CVE-2025-49013 | WilderForge code injection (GHSA-m6r3-c73x-8fw5)

CVE-2024-47857 | SSH Communication Security PrivX up to 36.0 Public Key Privilege Escalation

CVE-2025-4987 | Dassault Systèmes Project Portfolio Manager cross site scripting

CVE-2024-5298 | D-Link D-View 2.0.1.28 queryDeviceCustomMonitorResult routine (ZDI-24-449)