CVE-2025-52376 – Nexxt Solutions NCM-X1800 Mesh Router Telnet Authentication Bypass

July 15, 2025

CVE ID : CVE-2025-52376

Published : July 15, 2025, 2:15 p.m. | 1 hour, 29 minutes ago

Description : An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below, allowing an attacker to remotely enable the Telnet service without authentication, bypassing security controls. The Telnet server is then accessible with hard-coded credentials, allowing attackers to gain administrative shell access and execute arbitrary commands on the device.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6965 – SQLite Aggregate Overflow

Next Article CVE-2025-34116 – IPFire Command Injection Vulnerability

Highlights

New Research Reveals Multiple Attack Surfaces in WeChat & Other Instant Messaging Apps

May 30, 2025

New Research Reveals Multiple Attack Surfaces in WeChat & Other Instant Messaging Apps

Instant messaging (IM) applications like WhatsApp, Telegram, WeChat, and QQ have become the “digital arteries” of modern society, facilitating communication for billions of users worldwide.
However, t …
Read more

Published Date:
May 30, 2025 (2 hours, 59 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-30401

CVE-2023-4863

CVE-2019-8641

CVE-2019-11932

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Native vs hybrid vs cross-platform: Resolving the trilemma

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

You’ve got to try these 5 premium Minecraft add-ons — Dinosaurs, security systems, and more really shake up Bedrock Edition

This Microsoft pay scale reveals AI pros are making bank — with compensation packages reaching up to $336,000/year

ZeniMax QA testers face whiplash and “rancid” work morale following Microsoft’s gaming layoffs — but the union still fights

The details of TC39’s last meeting

The details of TC39’s last meeting

Vector Search Embeddings and RAG

Python Meets Power Automate: Trigger via URL

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

You’ve got to try these 5 premium Minecraft add-ons — Dinosaurs, security systems, and more really shake up Bedrock Edition

This Microsoft pay scale reveals AI pros are making bank — with compensation packages reaching up to $336,000/year

CVE-2025-52376 – Nexxt Solutions NCM-X1800 Mesh Router Telnet Authentication Bypass

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-47814 – GNU PSPP Zip-Reader Heap-Based Buffer Overflow

Beekeeping – recording damage caused by a brown bear

CVE-2025-5332 – “1000 Projects Online Notice Board SQL Injection Vulnerability”

Distribution Release: Rescuezilla 2.6.1

New Research Reveals Multiple Attack Surfaces in WeChat & Other Instant Messaging Apps

Localhost dangers: CORS and DNS rebinding

June report 2025

“Periodic table of machine learning” could fuel AI discovery

CVE-2025-52376 – Nexxt Solutions NCM-X1800 Mesh Router Telnet Authentication Bypass

Related Posts