CNNVD-202512-2244 Information

CNNVD ID

CNNVD-202512-2244

Related CVE

CVE-2025-14485

• CNNVD Published: 2025-12-11

Description (Chinese)

EFM ipTIME A3004T是韩国EFM公司的一款无线路由器。 EFM ipTIME A3004T 14.19.0版本存在命令注入漏洞，该漏洞源于文件/sess-bin/timepro.cgi中参数aaksjdkfj处理不当，可能导致命令注入。

Description (English)

EFM iptime A3004T is a wireless router of the Korea company EFM. EFM iptime A3004T 14.19.0 has a command-injecting loophole, which stems from the inappropriate handling of the parameter aaksjdkfj in the document/sess-bin/timepro.cgi, which may lead to an order-injection.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

EFM

Published

2025-12-11

Last Modified

2026-02-24

References

https://pan.baidu.com/s/12VsWYY-bf2-Kfufbs2dlXw?pwd=drt https://vuldb.com/?ctiid.335768 https://vuldb.com/?id.335768 https://vuldb.com/?submit.702655 https://www.yuque.com/yuqueyonghuexlgkz/zepczx/mf0uog9s2ycay4g2?singleDoc