3 matches found
CVE-2025-32459
The CVE-2025-32459 entry concerns the Quantenna Wi‑Fi chipset where the local control script router_command.sh, used in the sync_time argument, is vulnerable to command injection (CWE-88). Affected product: Quantenna Wi‑Fi chipset up to SDK version 8.0.0.28. Root cause: improper neutralization of...
CVE-2025-32459 ON Semiconductor Quantenna router_command.sh (in the sync_time argument) Argument Injection
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the synctime argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...
CVE-2025-32455 ON Semiconductor Quantenna router_command.sh (in the run_cmd argument) Argument Injection
The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the runcmd argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...