{"id":2993,"date":"2025-05-05T13:33:52","date_gmt":"2025-05-05T13:33:52","guid":{"rendered":"http:\/\/localhost\/?p=2993"},"modified":"2025-05-05T13:33:52","modified_gmt":"2025-05-05T13:33:52","slug":"cve-2025-25504","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=2993","title":{"rendered":"CVE-2025-25504"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nCVE-2025-25504<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-05-05T16:15:50<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-05-05T18:20:48<\/td>\n<\/tr>\n
CVSS Score<\/th>\n6.5 (MEDIUM)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nNETWORK<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nNONE<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nUNCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nLOW<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nLOW<\/td>\n<\/tr>\n
Availability Impact<\/th>\nNONE<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2025-25504<\/td>\n<\/tr>\n
CWE<\/th>\nCWE-77, CWE-287<\/td>\n<\/tr>\n
Bulletin Family<\/th>\ncve<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n An issue in the \/usr\/local\/bin\/jncs.sh script of Gefen WebFWC (In AV over IP products) v1.85h, v1.86v, and v1.70 allows attackers with network access to connect to the device over TCP port 4444 without authentication and execute arbitrary commands with root privileges.\n <\/div>\n<\/p><\/div>\n
\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n6.5<\/td>\n<\/tr>\n
Severity<\/th>\nMEDIUM<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n