216.73.217.80

CVE-2025-4010

· Published 02/06/2025 07:15 · Modified 02/06/2025 17:32

Labels: CVE-2025-4010 2025-06-02CVE-2025-4010CWE-77[email protected]

Essential information

Published
02/06/2025 07:15
Modified
02/06/2025 17:32
Author
Creator
CVSS
8.6 HIGH (v3) 8.6 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with elevated privileges.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
netcom / ntc 6200 cpe:2.3:a:netcom:ntc_6200:*:*:*:*:*:*:*:*
netcom / nwl 222 cpe:2.3:a:netcom:nwl_222:*:*:*:*:*:*:*:*

References