CVE-2025-52379: Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below contains an authenticated command injection vulnerability in the firmware update...

Description

Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below contains an authenticated command injection vulnerability in the firmware update feature. The /web/um_fileName_set.cgi and /web/um_web_upgrade.cgi endpoints fail to properly sanitize the upgradeFileName parameter, allowing authenticated attackers to execute arbitrary OS commands on the device, resulting in remote code execution.
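A defender-side check for the flaw described above, as an added example that is not part of the advisory or the vendor's code: it scans captured requests to the two named endpoints and flags any upgradeFileName value that is not a plain file name. The record layout (source IP, method, URL, form body), the form-encoded transport and the allowlist pattern are assumptions, since the advisory does not state how the parameter is sent.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Endpoints and parameter named in the CVE description.
ENDPOINTS = {"/web/um_fileName_set.cgi", "/web/um_web_upgrade.cgi"}
PARAM = "upgradeFileName"

# Assumption: a legitimate firmware image name is a plain file name made of
# letters, digits, dot, underscore and hyphen. Anything else is flagged.
SAFE_NAME = re.compile(r"[A-Za-z0-9._-]{1,128}")


def suspicious_values(method, url, body=""):
    """Return upgradeFileName values that fail the allowlist for one request."""
    parts = urlsplit(url)
    if parts.path not in ENDPOINTS:
        return []
    # parse_qs percent-decodes values, so encoded metacharacters are caught too.
    fields = parse_qs(parts.query, keep_blank_values=True)
    if method.upper() == "POST":
        for key, values in parse_qs(body, keep_blank_values=True).items():
            fields.setdefault(key, []).extend(values)
    return [v for v in fields.get(PARAM, []) if not SAFE_NAME.fullmatch(v)]


def scan(records):
    """Return (source_ip, path, value) for each flagged request record."""
    hits = []
    for src, method, url, body in records:
        for value in suspicious_values(method, url, body):
            hits.append((src, urlsplit(url).path, value))
    return hits


# Constructed sample records (source IP, method, URL, form body); not real traffic.
SAMPLE = [
    ("192.0.2.10", "POST", "/web/um_fileName_set.cgi", "upgradeFileName=NCM-X1800_firmware.bin"),
    ("192.0.2.44", "POST", "/web/um_fileName_set.cgi", "upgradeFileName=fw.bin%3Becho"),
    ("192.0.2.44", "POST", "/web/um_web_upgrade.cgi", "upgradeFileName=%24%28x%29"),
    ("192.0.2.10", "GET", "/web/index.cgi?upgradeFileName=a%3Bb", ""),
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

The same allowlist can be enforced in a reverse proxy or WAF rule in front of the router's management interface while affected firmware is still deployed.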

Classification

CVE ID: CVE-2025-52379

Affected Products

Vendor: n/a

Product: n/a

References

https://nvd.nist.gov/vuln/detail/CVE-2025-52379
https://github.com/Vagebondcur/nexxt-solutions-NCM-X1800-exploits
https://github.com/Vagebondcur/nexxt-solutions-NCM-X1800-exploits/blob/main/CVE-2025-52379/writeup.md

Timeline