PT-2025-13565 · Netis+1 · Netis Wf-2404+1

Scoozi

Published

2025-03-28

Updated

2025-03-29

CVE-2025-2922

CVSS v2.0

1.2

Low

Vector

AV:L/AC:H/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Netis WF-2404 version 1.1.124EN

Description A problematic issue was found in the BusyBox Shell component, leading to cleartext storage of sensitive information. The attack can be launched on the physical device and has a high complexity, making exploitation difficult. The exploit has been publicly disclosed, and the vendor was contacted but did not respond.

Recommendations For Netis WF-2404 version 1.1.124EN, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310CWE-312

Related Identifiers

CVE-2025-2922

Affected Products

Busybox

Netis Wf-2404

PT-2025-13565 · Netis+1 · Netis Wf-2404+1

CVE-2025-2922

Weakness Enumeration

Related Identifiers

Affected Products

References · 8