CVE-2025-52379 – Nexxt Solutions NCM-X1800 Mesh Router Remote Command Injection Vulnerability

July 15, 2025

CVE ID : CVE-2025-52379

Published : July 15, 2025, 3:15 p.m. | 1 hour, 19 minutes ago

Description : Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below contains an authenticated command injection vulnerability in the firmware update feature. The /web/um_fileName_set.cgi and /web/um_web_upgrade.cgi endpoints fail to properly sanitize the upgradeFileName parameter, allowing authenticated attackers to execute arbitrary OS commands on the device, resulting in remote code execution.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53621 – DSpace XXE Injection Vulnerability

Next Article CVE-2025-6971 – SOLIDWORKS eDrawings After Free Vulnerability

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Could OpenAI’s rumored browser be a Chrome-killer? Here’s what I’m expecting

My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8

AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

The details of TC39’s last meeting

The details of TC39’s last meeting

Online Examination System using PHP and MySQL

A tricky, educational quiz: it’s about time..

CAD Sketcher – constraint-based geometry sketcher

CAD Sketcher – constraint-based geometry sketcher

7 Best Free and Open Source Linux FTP Servers

Best Free and Open Source Alternatives to Autodesk FBX Review

CVE-2025-52379 – Nexxt Solutions NCM-X1800 Mesh Router Remote Command Injection Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Disentangled Safety Adapters Enable Efficient Guardrails and Flexible Inference-Time Alignment

Anthropic says Claude helps emotionally support users – we’re not convinced

CVE-2025-38221 – Linux Kernel ext4 Out-of-Bounds Punch Offset Vulnerability

Microsoft creates separate Windows 11 24H2 update for incompatible PCs

CVE-2025-7753 – Code-projects Online Appointment Booking System SQL Injection Vulnerability

FermiNet: Quantum physics and chemistry from first principles

GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs

India’s CERT-In steps in to warn users about Windows 10 end of support

CVE-2025-52379 – Nexxt Solutions NCM-X1800 Mesh Router Remote Command Injection Vulnerability

Related Posts