Critical severityNVD Advisory· Published Nov 27, 2025· Updated Apr 15, 2026

CVE-2025-8890

Description

Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert.pl/en/posts/2025/11/CVE-2025-8890nvd
www.securitum.com/cve-2025-8890.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000