CVE-2025-54084

OS Command 'OS Command Injection' vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows authenticated attackers with 'super' user credentials to execute arbitrary OS commands through improper input validation, potentially leading to full system compromise.This issue affects GigaCente...

CVE-2025-32459

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the synctime argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

CVE-2025-32458 ON Semiconductor Quantenna router_command.sh (in the get_syslog_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

CVE-2025-32458 ON Semiconductor Quantenna router_command.sh (in the get_syslog_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

CVE-2025-32457 ON Semiconductor Quantenna router_command.sh (in the get_file_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getfilefromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

CVE-2025-32457 ON Semiconductor Quantenna router_command.sh (in the get_file_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getfilefromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

CVE-2025-32456

The CVE-2025-32456 entry is supported by connected documents describing a local command-injection vulnerability in Quantenna Wi‑Fi chipsets (through SDK version 8.0.0.28) via router_command.sh (in the put_file_to_qtn argument). This CWE-88 issue is also echoed by related CVEs (CVE-2025-3460 and C...

CVE-2025-32456 ON Semiconductor Quantenna router_command.sh (in the put_file_to_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the putfiletoqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

CVE-2025-3460 ON Semiconductor Quantenna set_tx_pow Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, settxpow, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

CVE-2025-3459 ON Semiconductor Quantenna transmit_file Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, transmitfile, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞

Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, USA. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and earlier, which originates from a command injection in the synctime parameter of the...

PT-2025-24371

Name of the Vulnerable Software and Affected Versions Quantenna Wi-Fi chipset versions through 8.0.0.28 Description The Quantenna Wi-Fi chipset has a local control script, router command.sh, that is vulnerable to command injection, specifically in the get syslog from qtn argument. This issue is...