CVE-2025-50635

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Netis WF2780 version 2.2.35445

Description: A null pointer dereference issue exists in the FUN 0048a728 function within the cgitest.cgi file. Exploitation involves controlling the CONTENT LENGTH variable, which can lead to a denial-of-service (DoS) attack.

Recommendations: Update to a newer version that contains a fix for this issue. As a temporary workaround, restrict access to the cgitest.cgi file to minimize the risk of exploitation.

Exploit

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2025-50635

Affected Products

Netis Wf2780

CVE-2025-50635

Weakness Enumeration

Related Identifiers

Affected Products

References · 8