CVE-2025-4010

High CVSS: 8.6

The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with elevated privileges.

Vendor

Product

CWE

CWE-77

Yayın Tarihi

2025-06-02 07:15:21

Güncelleme

2025-06-02 17:32:17

Source Identifier

research@onekey.com

KEV Date Added

Kategoriler

CWE-77 HIGH 2025

Referanslar

https://www.onekey.com/resource/security-advisory-remote-command-execution-on-netcomm-ntc-6200-and-nwl-222