CVE-2025-4122 | Netgear JWNR2000v2 1.0.0.11 sub_435E04 host command injection

Inserito da Angelo Barbosa | Apr 30, 2025 | CVE

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been rated as critical. Affected by this issue is the function sub_435E04. The manipulation of the argument host leads to command injection.

This vulnerability is handled as CVE-2025-4122. The attack may be launched remotely. There is no exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4122 | Netgear JWNR2000v2 1.0.0.11 sub_435E04 host command injection

Post correlati

CVE-2024-29203 | TinyMCE up to 6.8.0 iFrame cross site scripting

CVE-2024-9329 | Eclipse Glassfish up to 7.0.16 /management/domain Host parameters

CVE-2023-2030 | GitLab Community Edition/Enterprise Edition up to 16.5.5/16.6.3/16.7.1 data authenticity

CVE-2024-47191 | oath-toolkit up to 2.6.11 pam_oath.so liboath/usersfile.c oath_authenticate_usersfile symlink (Nessus ID 208203)