CVE 9.8 CRITICAL

CVE-2025-67447_CVE-2025-67447

June 4, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N

Description

The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands, which will be executed with the privileges of the web server.

AI Analysis

OS command injection vulnerability in the network diagnosis module

Basic Information

ID CVE-2025-67447

Source mitre

Published Jun 4, 2026 at 00:00

Modified Jun 4, 2026 at 17:57

Affected Product

Vendor Neterbit

Product Neterbit NW-431F Router

Version 20241014-IR03 and before

Affected Versions n/a n/a n/a

CWE Classification

CWE-78

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Neterbit

Product Neterbit NW-431F Router

Version 20241014-IR03 and before

References

{
    "lastseen": "",
    "description": "The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands, which will be executed with the privileges of the web server.",
    "published": "2026-06-04T00:00:00.000Z",
    "modified": "2026-06-04T17:57:34.286Z",
    "type": "cve",
    "title": "CVE-2025-67447",
    "source": "mitre",
    "references": "https://neterbit.com/\nhttps://github.com/fun-beep/CVEs/tree/main/CVE-2025-67447",
    "id": "CVE-2025-67447",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Neterbit NW-431F Router",
    "version": "20241014-IR03 and before",
    "vendor": "Neterbit",
    "ai_description": "OS command injection vulnerability in the network diagnosis module",
    "ai_severity": "Critical",
    "ai_vendor": "Neterbit",
    "ai_product": "Neterbit NW-431F Router",
    "ai_version": "20241014-IR03 and before",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply