Lucene search
K

98 matches found

NVD
NVD
added 2025/06/08 9:15 p.m.13 views

CVE-2025-32458

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.8CVSS0.00626EPSS
Exploits0References2
NVD
NVD
added 2025/06/08 9:15 p.m.9 views

CVE-2025-32456

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the putfiletoqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.8CVSS0.00619EPSS
Exploits0References2
NVD
NVD
added 2025/06/08 9:15 p.m.7 views

CVE-2025-32459

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the synctime argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.8CVSS0.00614EPSS
Exploits0References2
NVD
NVD
added 2025/06/08 9:15 p.m.8 views

CVE-2025-32455

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the runcmd argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.8CVSS0.00614EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/08 9:4 p.m.10 views

CVE-2025-32459 ON Semiconductor Quantenna router_command.sh (in the sync_time argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the synctime argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS0.00614EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/08 9:4 p.m.3 views

CVE-2025-32459 ON Semiconductor Quantenna router_command.sh (in the sync_time argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the synctime argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS7.9AI score0.00614EPSS
Exploits0References2
CVE
CVE
added 2025/06/08 9:4 p.m.50 views

CVE-2025-32459

The CVE-2025-32459 entry concerns the Quantenna Wi‑Fi chipset where the local control script router_command.sh, used in the sync_time argument, is vulnerable to command injection (CWE-88). Affected product: Quantenna Wi‑Fi chipset up to SDK version 8.0.0.28. Root cause: improper neutralization of...

7.8CVSS7.9AI score0.00614EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/08 9:4 p.m.4 views

CVE-2025-32458 ON Semiconductor Quantenna router_command.sh (in the get_syslog_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.7CVSS7.9AI score0.00626EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/08 9:4 p.m.14 views

CVE-2025-32458 ON Semiconductor Quantenna router_command.sh (in the get_syslog_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.7CVSS0.00626EPSS
Exploits0References2
CVE
CVE
added 2025/06/08 9:4 p.m.54 views

CVE-2025-32458

The CVE-2025-32458 entry affects Quantenna Wi‑Fi chipset firmware (through version 8.0.0.28 of the latest SDK). The local control script router_command.sh (in the get_syslog_from_qtn argument) is vulnerable to command injection (CWE-88). The issue is described as LOCAL, with LOW privileges, NONE ...

7.8CVSS7.9AI score0.00626EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/06/08 9:3 p.m.50 views

CVE-2025-32457

The CVE-2025-32457 entry concerns the Quantenna Wi‑Fi chipset and details a command injection in a local control script. Affected component: router_command.sh (in the get_file_from_qtn argument) and related script paths, with root cause identified as CWE-88 (Improper Neutralization of Argument De...

7.8CVSS7.9AI score0.00626EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/06/08 9:3 p.m.9 views

CVE-2025-32457 ON Semiconductor Quantenna router_command.sh (in the get_file_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getfilefromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.7CVSS0.00626EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/08 9:3 p.m.2 views

CVE-2025-32457 ON Semiconductor Quantenna router_command.sh (in the get_file_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getfilefromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.7CVSS7.9AI score0.00626EPSS
Exploits0References2
CVE
CVE
added 2025/06/08 9:3 p.m.48 views

CVE-2025-32456

The CVE-2025-32456 entry is supported by connected documents describing a local command-injection vulnerability in Quantenna Wi‑Fi chipsets (through SDK version 8.0.0.28) via router_command.sh (in the put_file_to_qtn argument). This CWE-88 issue is also echoed by related CVEs (CVE-2025-3460 and C...

7.8CVSS7.9AI score0.00619EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/08 9:3 p.m.2 views

CVE-2025-32456 ON Semiconductor Quantenna router_command.sh (in the put_file_to_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the putfiletoqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.7CVSS7.9AI score0.00619EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/08 9:3 p.m.11 views

CVE-2025-32456 ON Semiconductor Quantenna router_command.sh (in the put_file_to_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the putfiletoqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.7CVSS0.00619EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/08 9:2 p.m.3 views

CVE-2025-32455 ON Semiconductor Quantenna router_command.sh (in the run_cmd argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the runcmd argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS8.1AI score0.00614EPSS
Exploits0References2
CVE
CVE
added 2025/06/08 9:2 p.m.57 views

CVE-2025-32455

The CVE-2025-32455 family concerns the Quantenna Wi‑Fi chipset. A local control script vulnerability exists in router_command.sh (run_cmd argument), enabling command injection (CWE-88) with CVSS 3.1: Local, Low/None privileges and High impact on confidentiality and integrity (A: High, I: High, C:...

7.8CVSS7.9AI score0.00614EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/06/08 9:2 p.m.10 views

CVE-2025-32455 ON Semiconductor Quantenna router_command.sh (in the run_cmd argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the runcmd argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS0.00614EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/08 9:2 p.m.17 views

CVE-2025-3461 ON Semiconductor Quantenna Telnet Missing Authentication

The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. This issue affects Quantenna Wi-Fi chipset through versi...

9.1CVSS0.00503EPSS
Exploits1References2
Rows per page
Query Builder