CVE-2025-25504 Information

Description

An issue in the /usr/local/bin/jncs.sh script of Gefen WebFWC (In AV over IP products) v1.85h v1.86v and v1.70 allows attackers with network access to connect to the device over TCP port 4444 without authentication and execute arbitrary commands with root privileges.

Reference

http://gefen.com https://www.troy-wilson.com/cve-2025-25504.html