CVE-2025-4010

Vulnerability Description

The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with elevated privileges.

Related Weaknesses (CWE)

CWE-77

References

https://www.onekey.com/resource/security-advisory-remote-command-execution-on-ne

FAQ

What is CVE-2025-4010?

CVE-2025-4010 is a documented vulnerability. The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple endpoints of the web interface are vulnerable to arbitrary command injection and use in...

How severe is CVE-2025-4010?

CVSS scoring is not yet available for CVE-2025-4010. Check NVD for updates.

Is there a patch for CVE-2025-4010?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.