CVE-2025-55423

Exploit

EPSS 0.56%
Veröffentlicht 20.01.2026 00:00:00
Zuletzt bearbeitet 30.01.2026 20:07:11
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system() without proper validation or sanitization, allowing OS command injection.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Iptime ≫ N104s-r1 Firmware Version >= 9.90.8 <= 10.02.2

Iptime ≫ N104s-r1 Version-

Iptime ≫ N104v Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N104v Version-

Iptime ≫ N1e Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N1e Version-

Iptime ≫ N1plus Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N1plus Version-

Iptime ≫ N1plus-i Firmware Version >= 9.99.6 <= 10.06.8

Iptime ≫ N1plus-i Version-

Iptime ≫ N1v Firmware Version >= 11.01.2 <= 12.07.6

Iptime ≫ N1v Version-

Iptime ≫ N2e Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N2e Version-

Iptime ≫ N2eplus Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N2eplus Version-

Iptime ≫ N2plus Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N2plus Version-

Iptime ≫ N2plus-i Firmware Version >= 9.99.6 <= 10.06.8

Iptime ≫ N2plus-i Version-

Iptime ≫ N2v Firmware Version >= 10.09.2 <= 12.16.8

Iptime ≫ N2v Version-

Iptime ≫ N2vs Firmware Version12.16.8

Iptime ≫ N2vs Version-

Iptime ≫ N3 Firmware Version >= 9.93.2 <= 10.06.8

Iptime ≫ N3 Version-

Iptime ≫ N3-i Firmware Version >= 9.99.6 <= 10.06.8

Iptime ≫ N3-i Version-

Iptime ≫ N5 Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N5 Version-

Iptime ≫ N5-i Firmware Version >= 9.99.6 <= 10.06.8

Iptime ≫ N5-i Version-

Iptime ≫ N6 Firmware Version >= 9.96.8 <= 10.06.8

Iptime ≫ N6 Version-

Iptime ≫ N600 Firmware Version >= 10.00.8 <= 12.16.2

Iptime ≫ N600 Version-

Iptime ≫ N6004r Firmware Version >= 9.90.8 <= 10.02.2

Iptime ≫ N6004r Version-

Iptime ≫ N602e Firmware Version >= 11.96.6 <= 12.16.8

Iptime ≫ N602e Version-

Iptime ≫ N602eplus Firmware Version >= 12.14.2 <= 12.16.2

Iptime ≫ N602eplus Version-

Iptime ≫ N602se Firmware Version >= 14.19.0 <= 14.19.4

Iptime ≫ N602se Version-

Iptime ≫ N604 Black Firmware Version >= 9.93.8 <= 12.16.2

Iptime ≫ N604 Black Version-

Iptime ≫ N604a Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N604a Version-

Iptime ≫ N604e Firmware Version >= 10.09.2 <= 14.19.4

Iptime ≫ N604e Version-

Iptime ≫ N604eplus Firmware Version >= 12.14.2 <= 14.19.4

Iptime ≫ N604eplus Version-

Iptime ≫ N604plus Firmware Version >= 9.90.8 <= 12.15.2

Iptime ≫ N604plus Version-

Iptime ≫ N604plus-i Firmware Version >= 9.99.6 <= 12.14.6

Iptime ≫ N604plus-i Version-

Iptime ≫ N604r Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N604r Version-

Iptime ≫ N604rplus Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N604rplus Version-

Iptime ≫ N604rplus-i Firmware Version >= 9.99.6 <= 10.06.8

Iptime ≫ N604rplus-i Version-

Iptime ≫ N604s Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N604s Version-

Iptime ≫ N604se Firmware Version >= 14.18.4 <= 14.19.4

Iptime ≫ N604se Version-

Iptime ≫ N604t Firmware Version >= 9.90.8 <= 10.03.2

Iptime ≫ N604t Version-

Iptime ≫ N604tplus Firmware Version >= 9.90.8 <= 10.03.2

Iptime ≫ N604tplus Version-

Iptime ≫ N604v Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N604v Version-

Iptime ≫ N604vplus Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N604vplus Version-

Iptime ≫ N7004ns Firmware Version9.91.2

Iptime ≫ N7004ns Version-

Iptime ≫ N702bcm Firmware Version >= 9.90.8 <= 12.16.2

Iptime ≫ N702bcm Version-

Iptime ≫ N702e Firmware Version >= 10.09.2 <= 12.16.2

Iptime ≫ N702e Version-

Iptime ≫ Ax11000 Firmware Version >= 14.16.6 <= 14.19.4

Iptime ≫ Ax11000 Version-

Iptime ≫ Ax2002mesh Firmware Version >= 14.16.6 <= 14.19.4

Iptime ≫ Ax2002mesh Version-

Iptime ≫ Ax2004 Firmware Version >= 14.17.4 <= 14.19.4

Iptime ≫ Ax2004 Version-

Iptime ≫ Ax2004bcm Firmware Version >= 12.04.2 <= 14.19.4

Iptime ≫ Ax2004bcm Version-

Iptime ≫ Ax2004m Firmware Version >= 14.02.0 <= 14.19.4

Iptime ≫ Ax2004m Version-

Iptime ≫ Ax3004bcm Firmware Version >= 14.16.2 <= 14.19.4

Iptime ≫ Ax3004bcm Version-

Iptime ≫ Ax3004itl Firmware Version >= 12.01.2 <= 14.19.4

Iptime ≫ Ax3004itl Version-

Iptime ≫ Ax8004bcm Firmware Version >= 11.97.2 <= 14.19.4

Iptime ≫ Ax8004bcm Version-

Iptime ≫ Ax8004m Firmware Version >= 14.05.2 <= 14.19.4

Iptime ≫ Ax8004m Version-

Iptime ≫ Ax8008m Firmware Version >= 14.15.4 <= 14.19.4

Iptime ≫ Ax8008m Version-

Iptime ≫ A1 Firmware Version >= 9.96.8 <= 10.07.4

Iptime ≫ A1 Version-

Iptime ≫ A1004 Firmware Version >= 9.90.8 <= 12.16.2

Iptime ≫ A1004 Version-

Iptime ≫ A1004ns Firmware Version >= 9.96.0 <= 12.16.2

Iptime ≫ A1004ns Version-

Iptime ≫ A1004v Firmware Version >= 9.90.8 <= 12.16.2

Iptime ≫ A1004v Version-

Iptime ≫ A104 Firmware Version >= 9.90.8 <= 10.03.8

Iptime ≫ A104 Version-

Iptime ≫ A104ns Firmware Version >= 9.96.0 <= 12.16.2

Iptime ≫ A104ns Version-

Iptime ≫ A104r Firmware Version >= 9.90.8 <= 10.07.4

Iptime ≫ A104r Version-

Iptime ≫ A104r Firmware Version-

Iptime ≫ A104r Version-

Iptime ≫ A2003mu Firmware Version >= 12.13.0 <= 12.16.2

Iptime ≫ A2003mu Version-

Iptime ≫ A2003ns-mu Firmware Version >= 10.00.6 <= 12.16.2

Iptime ≫ A2003ns-mu Version-

Iptime ≫ A2004 Firmware Version >= 9.90.8 <= 10.07.4

Iptime ≫ A2004 Version-

Iptime ≫ A2004mu Firmware Version >= 10.08.6 <= 12.17.0

Iptime ≫ A2004mu Version-

Iptime ≫ A2004ns Firmware Version >= 9.90.8 <= 11.00.4

Iptime ≫ A2004ns Version-

Iptime ≫ A2004ns-mu Firmware Version >= 10.08.6 <= 12.17.0

Iptime ≫ A2004ns-mu Version-

Iptime ≫ A2004ns-r Firmware Version >= 9.90.8 <= 11.00.4

Iptime ≫ A2004ns-r Version-

Iptime ≫ A2004nsplus Firmware Version >= 9.90.8 <= 11.00.4

Iptime ≫ A2004nsplus Version-

Iptime ≫ A2004plus Firmware Version >= 9.90.8 <= 10.07.4

Iptime ≫ A2004plus Version-

Iptime ≫ A2004r Firmware Version >= 9.90.8 <= 10.07.4

Iptime ≫ A2004r Version-

Iptime ≫ A2004se Firmware Version >= 14.16.6 <= 14.19.4

Iptime ≫ A2004se Version-

Iptime ≫ A2008 Firmware Version >= 9.90.8 <= 10.07.4

Iptime ≫ A2008 Version-

Iptime ≫ A3 Firmware Version >= 9.97.2 <= 10.07.2

Iptime ≫ A3 Version-

Iptime ≫ A3002mesh Firmware Version >= 12.05.4 <= 14.19.4

Iptime ≫ A3002mesh Version-

Iptime ≫ A3003ns Firmware Version >= 9.99.8 <= 11.00.4

Iptime ≫ A3003ns Version-

Iptime ≫ A3004 Firmware Version >= 9.90.8 <= 10.08.2

Iptime ≫ A3004 Version-

Iptime ≫ A3004-dual Firmware Version >= 9.90.4 <= 10.07.2

Iptime ≫ A3004-dual Version-

Iptime ≫ A3004m Firmware Version >= 14.18.4 <= 14.19.4

Iptime ≫ A3004m Version-

Iptime ≫ A3004ns Firmware Version >= 9.90.2 <= 10.09.4

Iptime ≫ A3004ns Version-

Iptime ≫ A3004ns-bcm Firmware Version >= 9.95.8 <= 11.00.4

Iptime ≫ A3004ns-bcm Version-

Iptime ≫ A3004ns-dual Firmware Version >= 9.90.4 <= 12.09.4

Iptime ≫ A3004ns-dual Version-

Iptime ≫ A3004ns-m Firmware Version >= 10.05.4 <= 14.19.4

Iptime ≫ A3004ns-m Version-

Iptime ≫ A3004t Firmware Version >= 12.10.2 <= 14.19.4

Iptime ≫ A3004t Version-

Iptime ≫ A3004tw Firmware Version >= 14.15.2 <= 14.19.4

Iptime ≫ A3004tw Version-

Iptime ≫ A3008-mu Firmware Version >= 10.08.4 <= 14.19.4

Iptime ≫ A3008-mu Version-

Iptime ≫ A304 Firmware Version >= 10.05.4 <= 10.07.4

Iptime ≫ A304 Version-

Iptime ≫ A5004ns Firmware Version >= 9.90.2 <= 11.00.4

Iptime ≫ A5004ns Version-

Iptime ≫ A5004ns-m Firmware Version >= 10.05.4 <= 14.19.4

Iptime ≫ A5004ns-m Version-

Iptime ≫ A6004mx Firmware Version >= 12.04.6 <= 14.19.4

Iptime ≫ A6004mx Version-

Iptime ≫ A6004ns Firmware Version >= 9.90.2 <= 11.00.4

Iptime ≫ A6004ns Version-

Iptime ≫ A6004ns-m Firmware Version >= 9.99.8 <= 14.19.4

Iptime ≫ A6004ns-m Version-

Iptime ≫ A604 Firmware Version >= 9.90.8 <= 12.06.6

Iptime ≫ A604 Version-

Iptime ≫ A604-v3 Firmware Version >= 10.01.6 <= 10.07.2

Iptime ≫ A604-v3 Version-

Iptime ≫ A604-v5 Firmware Version >= 10.09.2 <= 12.16.2

Iptime ≫ A604-v5 Version-

Iptime ≫ A604g-mu Firmware Version >= 10.07.4 <= 12.16.2

Iptime ≫ A604g-mu Version-

Iptime ≫ A604g-skylife Firmware Version >= 12.02.4 <= 12.12.4

Iptime ≫ A604g-skylife Version-

Iptime ≫ A604m Firmware Version >= 10.06.4 <= 10.07.2

Iptime ≫ A604m Version-

Iptime ≫ A604mu Firmware Version >= 12.12.4 <= 12.16.2

Iptime ≫ A604mu Version-

Iptime ≫ A604r Firmware Version >= 10.09.2 <= 12.16.2

Iptime ≫ A604r Version-

Iptime ≫ A604se Firmware Version >= 14.17.2 <= 14.19.4

Iptime ≫ A604se Version-

Iptime ≫ A604v Firmware Version >= 9.90.8 <= 10.07.4

Iptime ≫ A604v Version-

Iptime ≫ A6ns-m Firmware Version >= 10.01.6 <= 14.19.4

Iptime ≫ A6ns-m Version-

Iptime ≫ A7004m Firmware Version >= 10.06.8 <= 14.19.4

Iptime ≫ A7004m Version-

Iptime ≫ A704ns-bcm Firmware Version >= 9.95.8 <= 11.00.4

Iptime ≫ A704ns-bcm Version-

Iptime ≫ A7ns Firmware Version >= 9.96.0 <= 11.00.4

Iptime ≫ A7ns Version-

Iptime ≫ A8004bcm Firmware Version >= 11.99.1 <= 12.16.2

Iptime ≫ A8004bcm Version-

Iptime ≫ A8004itl Firmware Version >= 11.00.4 <= 14.19.4

Iptime ≫ A8004itl Version-

Iptime ≫ A8004ns-m Firmware Version >= 9.99.2 <= 14.19.4

Iptime ≫ A8004ns-m Version-

Iptime ≫ A8004t Firmware Version >= 10.06.8 <= 14.19.4

Iptime ≫ A8004t Version-

Iptime ≫ A8004t-xr Firmware Version >= 11.97.2 <= 14.19.4

Iptime ≫ A8004t-xr Version-

Iptime ≫ A804ns-mu Firmware Version >= 10.06.4 <= 12.10.2

Iptime ≫ A804ns-mu Version-

Iptime ≫ A8ns-m Firmware Version >= 10.03.2 <= 14.19.4

Iptime ≫ A8ns-m Version-

Iptime ≫ A9004m Firmware Version >= 10.05.4 <= 14.19.4

Iptime ≫ A9004m Version-

Iptime ≫ A9004m-x2 Firmware Version >= 11.98.2 <= 14.19.4

Iptime ≫ A9004m-x2 Version-

Iptime ≫ Ew302n Firmware Version >= 9.90.8 <= 12.16.2

Iptime ≫ Ew302n Version-

Iptime ≫ N102e Firmware Version >= 11.00.8 <= 12.15.2

Iptime ≫ N102e Version-

Iptime ≫ N102eplus Firmware Version >= 12.14.2 <= 12.15.2

Iptime ≫ N102eplus Version-

Iptime ≫ N102i Firmware Version >= 11.01.2 <= 12.15.2

Iptime ≫ N102i Version-

Iptime ≫ N102iplus Firmware Version >= 12.14.2 <= 12.15.2

Iptime ≫ N102iplus Version-

Iptime ≫ N104 Black Firmware Version >= 9.93.8 <= 10.06.8

Iptime ≫ N104 Black Version-

Iptime ≫ N104e Firmware Version >= 10.09.4 <= 12.15.2

Iptime ≫ N104e Version-

Iptime ≫ N104eplus Firmware Version >= 12.14.2 <= 12.15.2

Iptime ≫ N104eplus Version-

Iptime ≫ N104k Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N104k Version-

Iptime ≫ N104plus Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N104plus Version-

Iptime ≫ N104plus-i Firmware Version >= 9.99.6 <= 10.06.8

Iptime ≫ N104plus-i Version-

Iptime ≫ N104q Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N104q Version-

Iptime ≫ N104q-i Firmware Version >= 9.99.6 <= 10.06.8

Iptime ≫ N104q-i Version-

Iptime ≫ N104r Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N104r Version-

Iptime ≫ N702eplus Firmware Version >= 12.12.4 <= 12.16.2

Iptime ≫ N702eplus Version-

Iptime ≫ N702r Firmware Version >= 10.05.8 <= 10.06.8

Iptime ≫ N702r Version-

Iptime ≫ N704-a3 Firmware Version >= 9.90.8 <= 10.06.8

Iptime ≫ N704-a3 Version-

Iptime ≫ N704bcm Firmware Version >= 9.90.8 <= 12.16.2

Iptime ≫ N704bcm Version-

Iptime ≫ N704e Firmware Version >= 11.98.4 <= 12.16.2

Iptime ≫ N704e Version-

Iptime ≫ N704eplus Firmware Version >= 12.14.2 <= 12.16.2

Iptime ≫ N704eplus Version-

Iptime ≫ N704ns Firmware Version >= 9.91.4 <= 9.96.0

Iptime ≫ N704ns Version-

Iptime ≫ N704qca Firmware Version >= 10.02.4 <= 12.16.2

Iptime ≫ N704qca Version-

Iptime ≫ N704v3 Firmware Version >= 9.90.8 <= 12.10.2

Iptime ≫ N704v3 Version-

Iptime ≫ N8004r Firmware Version >= 9.90.8 <= 10.02.2

Iptime ≫ N8004r Version-

Iptime ≫ N8004v Firmware Version >= 9.90.8 <= 10.02.2

Iptime ≫ N8004v Version-

Iptime ≫ N804 Firmware Version >= 9.91.2 <= 9.96.8

Iptime ≫ N804 Version-

Iptime ≫ N804a Firmware Version >= 9.91.2 <= 9.96.8

Iptime ≫ N804a Version-

Iptime ≫ N804a3 Firmware Version >= 9.90.8 <= 9.96.8

Iptime ≫ N804a3 Version-

Iptime ≫ N804r Firmware Version >= 10.06.4 <= 12.16.2

Iptime ≫ N804r Version-

Iptime ≫ N804t Firmware Version >= 9.91.2 <= 9.96.8

Iptime ≫ N804t Version-

Iptime ≫ N804t3 Firmware Version >= 9.90.8 <= 9.96.8

Iptime ≫ N804t3 Version-

Iptime ≫ N804v Firmware Version >= 9.91.2 <= 9.96.8

Iptime ≫ N804v Version-

Iptime ≫ N904 Firmware Version >= 9.90.8 <= 10.02.2

Iptime ≫ N904 Version-

Iptime ≫ N904ns Firmware Version >= 9.91.4 <= 9.96.0

Iptime ≫ N904ns Version-

Iptime ≫ N904plus Firmware Version >= 9.90.8 <= 10.02.2

Iptime ≫ N904plus Version-

Iptime ≫ N904v Firmware Version >= 9.90.8 <= 10.02.2

Iptime ≫ N904v Version-

Iptime ≫ Smart Firmware Version >= 9.90.8 <= 9.94.2

Iptime ≫ Smart Version-

Iptime ≫ Q1 Firmware Version9.91.2

Iptime ≫ Q1 Version-

Iptime ≫ Q304 Firmware Version9.91.2

Iptime ≫ Q304 Version-

Iptime ≫ Q504 Firmware Version9.91.2

Iptime ≫ Q504 Version-

Iptime ≫ Q604 Firmware Version9.91.2

Iptime ≫ Q604 Version-

Iptime ≫ T16000 Firmware Version >= 9.91.2 <= 11.03.6

Iptime ≫ T16000 Version-

Iptime ≫ T16000m Firmware Version >= 12.07.4 <= 14.19.4

Iptime ≫ T16000m Version-

Iptime ≫ T24000 Firmware Version >= 9.91.2 <= 11.03.6

Iptime ≫ T24000 Version-

Iptime ≫ T24000m Firmware Version >= 12.07.4 <= 14.19.4

Iptime ≫ T24000m Version-

Iptime ≫ T3004 Firmware Version >= 9.90.8 <= 12.07.6

Iptime ≫ T3004 Version-

Iptime ≫ T3008 Firmware Version >= 9.90.8 <= 12.09.6

Iptime ≫ T3008 Version-

Iptime ≫ T5004 Firmware Version >= 11.96.4 <= 14.19.4

Iptime ≫ T5004 Version-

Iptime ≫ T5008 Firmware Version >= 11.98.2 <= 14.19.4

Iptime ≫ T5008 Version-

Iptime ≫ V304 Firmware Version9.91.2

Iptime ≫ V304 Version-

Iptime ≫ V504 Firmware Version >= 9.90.8 <= 12.15.2

Iptime ≫ V504 Version-

Iptime ≫ V508 Firmware Version >= 10.02.2 <= 10.06.4

Iptime ≫ V508 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.56%	0.679

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

https://iptime.com/iptime/?pageid=4&page_id=126&dfsid=3&dftid=583&uid=25203&mod=document

Vendor Advisory

https://docs.google.com/spreadsheets/d/1kryOFltCmnPJvDTpIrudgryt79uI4PWchuQ8-Gak24c/edit?usp=sharing

Third Party Advisory

https://github.com/0x0xxxx/CVE/blob/main/CVE-2025-55423/README.md

Third Party Advisory

Exploit

https://github.com/0x0xxxx/CVE/blob/main/CVE-2025-55423/assets/affected_products_cve_format.json

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-55423

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-55423

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-55423

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-55423