CVE-2025-8890

CVSS v4.0

9.3

Vector

AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions SDMC NE6037 routers versions prior to 7.1.12.2.44

Description The network diagnostics tool in SDMC NE6037 routers is susceptible to a shell command injection attack. Exploitation requires an attacker to log in to the router's administrative portal, which is accessible only through LAN ports. The vulnerability allows for remote code execution after authentication.

Recommendations Update SDMC NE6037 router firmware to version 7.1.12.2.44 or later.

Fix

RCE

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2025-8890

Affected Products

Sdmc Ne6037 Routers

CVE-2025-8890

Weakness Enumeration

Related Identifiers

Affected Products

References · 7