CVE-2025-45492
published 2025-05-06CVE-2025-45492: Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | azl3_cmake_3.30.3-6_on_azure_linux_3.0 | — | — |
| msrc | azl3_expat_2.6.2-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_expat_2.6.3-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_python3_3.12.3-5_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_cmake_3.21.4-17_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_expat_2.6.2-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_expat_2.6.3-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_python3_3.9.19-13_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| netgear | ex8000_firmware | — | — |