7.2
CVE-2025-2919
- EPSS 0.32%
- Veröffentlicht 28.03.2025 17:31:05
- Zuletzt bearbeitet 17.04.2025 14:06:09
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
LoginNetis WF-2404 UART hardware allows activation of test or debug logic at runtime
A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netis-systems ≫ Netis Wf-2404 Firmware Version1.1.124en
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.32% | 0.231 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@vuldb.com | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| cna@vuldb.com | 7 | 0 | 0 |
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| cna@vuldb.com | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-1313 Hardware Allows Activation of Test or Debug Logic at Runtime
During runtime, the hardware allows for test or debug logic (feature) to be activated, which allows for changing the state of the hardware. This feature can alter the intended behavior of the system and allow for alteration and leakage of sensitive data by an adversary.
CWE-489 Active Debug Code
The product is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.
https://vuldb.com/?id.301894
https://vuldb.com/?ctiid.301894
https://vuldb.com/?submit.521036
https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-with