12 matches found
CVE-2026-24444
SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints mgmt.php, npcmd.php that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the...
CVE-2026-24444 SDMC NE6037 Hardcoded Password via mgmt.php/npcmd.php
SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints mgmt.php, npcmd.php that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the...
CVE-2026-24444 SDMC NE6037 Hardcoded Password via mgmt.php/npcmd.php
SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints mgmt.php, npcmd.php that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the...
CVE-2026-24444
CVE-2026-24444 concerns SDMC NE6037 cable modem routers with firmware 7.1.6.0.25 and 7.1.6.1.9_B9. A hardcoded password in the web management interface recovery endpoints (mgmt.php, npcmd.php) allows unauthenticated users to submit the credential via HTTP and gain root access. This enables enabli...
CVE-2025-8890
Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports...
EUVD-2025-199825
Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports...
CVE-2025-8890
Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports...
CVE-2025-8890
The CVE-2025-8890 entry applies to SDMC NE6037 routers. Affected firmware is prior to version 7.1.12.2.44, where the Network Diagnostics tool is vulnerable to a shell command injection. Exploitation requires authentication to the router’s administrative portal, which is typically reachable only v...
CVE-2025-8890 Authenticated RCE in SDMC NE6037 router
Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports...
CVE-2025-8890 Authenticated RCE in SDMC NE6037 router
Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports...
SDMC NE6037 操作系统命令注入漏洞
The SDMC NE6037 is a cable modem from China's Sinodisk SDMC. An operating system command injection vulnerability exists in the SDMC NE6037 versions prior to 7.1.12.2.44, which stems from a shell command injection vulnerability in the Network Diagnostic Tool...
PT-2025-48267
Name of the Vulnerable Software and Affected Versions SDMC NE6037 routers versions prior to 7.1.12.2.44 Description The firmware in SDMC NE6037 routers contains a network diagnostics tool susceptible to shell command injection attacks. Exploitation requires an attacker to log in to the router's...