CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. This issue affects Quantenna Wi-Fi chipset through versi...

9.1CVSS9.4AI score0.00307EPSS

Exploits1References1

RedhatCVE•added 2025/06/10 9:20 p.m.•3 views

CVE-2025-3459

The Quantenna Wi-Fi chipset ships with a local control script, transmitfile, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS7.8AI score0.00331EPSS

Exploits0References1

RedhatCVE•added 2025/06/10 9:20 p.m.•2 views

CVE-2025-3460

The Quantenna Wi-Fi chipset ships with a local control script, settxpow, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS7.8AI score0.00977EPSS

Exploits1References1

RedhatCVE•added 2025/06/10 9:19 p.m.•2 views

CVE-2025-32455

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the runcmd argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS7.8AI score0.00331EPSS

Exploits0References1

RedhatCVE•added 2025/06/10 9:19 p.m.•2 views

CVE-2025-32456

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the putfiletoqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS7.8AI score0.00331EPSS

Exploits0References1

RedhatCVE•added 2025/06/10 9:19 p.m.•1 views

CVE-2025-32457

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getfilefromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7....

7.7CVSS7.8AI score0.00331EPSS

Exploits0References1

RedhatCVE•added 2025/06/10 9:19 p.m.•2 views

CVE-2025-32458

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.7CVSS7.8AI score0.00331EPSS

Exploits0References1

NVD•added 2025/06/08 9:15 p.m.•5 views

CVE-2025-3461

9.8CVSS0.00307EPSS

Exploits1References2

NVD•added 2025/06/08 9:15 p.m.•8 views

CVE-2025-3460

7.8CVSS0.00977EPSS

Exploits1References2

NVD•added 2025/06/08 9:15 p.m.•16 views

CVE-2025-32457

7.8CVSS0.00331EPSS

Exploits0References2

NVD•added 2025/06/08 9:15 p.m.•6 views

CVE-2025-32459

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the synctime argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.8CVSS0.00331EPSS

Exploits0References2

NVD•added 2025/06/08 9:15 p.m.•12 views

CVE-2025-32458

7.8CVSS0.00331EPSS

Exploits0References2

NVD•added 2025/06/08 9:15 p.m.•8 views

CVE-2025-32456

7.8CVSS0.00331EPSS

Exploits0References2

Rows per page