CVE-2025-13800

Name of the Vulnerable Software and Affected Versions ADSLR NBR1005GPEV2 version 250814-r037c

Description A flaw exists in ADSLR NBR1005GPEV2 250814-r037c that allows for command injection. This issue is located within the set mesh disconnect function of the /send order.cgi file. Manipulation of the mac argument can lead to remote code execution. The exploit for this issue is publicly available. The vendor was informed of this issue but did not provide a response.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.