Unrated severityNVD Advisory· Published Apr 30, 2025· Updated Apr 30, 2025

Netgear JWNR2000v2 sub_435E04 command injection

CVE-2025-4122

Description

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been rated as critical. Affected by this issue is the function sub_435E04. The manipulation of the argument host leads to command injection. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Affected products

Netgear/JWNR2000v2llm-fuzzy
Range: = 1.0.0.11
Netgear/JWNR2000v2v5
Range: 1.0.0.11

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

vuldb.commitrethird-party-advisory
github.com/jylsec/vuldb/blob/main/Netgear/netgear_JWNR2000v2/Command_injection-sub_435E04-auth_mac/README.mdmitrerelated
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description
www.netgear.commitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000