CVE-2025-34117 – Netcore/Netis Router Remote Code Execution Backdoor Vulnerability

July 16, 2025

CVE ID : CVE-2025-34117

Published : July 16, 2025, 9:15 p.m. | 5 hours, 47 minutes ago

Description : A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 due to the presence of an undocumented backdoor listener on UDP port 53413. Exact version boundaries remain undocumented. An unauthenticated remote attacker can send specially crafted UDP packets to execute arbitrary commands on the affected device. This backdoor uses a hardcoded authentication mechanism and accepts shell commands post-authentication. Some device models include a non-standard implementation of the `echo` command, which may affect exploitability.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-34120 – LimeSurvey Unauthenticated File Download Vulnerability

Next Article CVE-2025-34118 – Linknat VOS Manager Path Traversal Vulnerability

Highlights

CVE-2025-4513 – Moodle Catalyst User Key Authentication Plugin Open Redirect Vulnerability

May 10, 2025

CVE ID : CVE-2025-4513

Published : May 10, 2025, 8:15 p.m. | 4 hours, 9 minutes ago

Description : A vulnerability classified as problematic was found in Catalyst User Key Authentication Plugin 20220819 on Moodle. Affected by this vulnerability is an unknown functionality of the file /auth/userkey/logout.php of the component Logout. The manipulation of the argument return leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Got ChatGPT Plus? You can record and summarize meetings on a Mac now – here’s how

I put this buzzworthy 2-in-1 robot vacuum to work in my house – here’s how it fared

AI agents will change work and society in internet-sized ways, says AWS VP

This slick gadget is like a Swiss Army Knife for my keys (and fully trackable)

The details of TC39’s last meeting

The details of TC39’s last meeting

Notes Android App Using SQLite

How to Get Security Patches for Legacy Unsupported Node.js Versions

Microsoft says it won’t change Windows 11’s system tray design after users feedback

Microsoft says it won’t change Windows 11’s system tray design after users feedback

How Rust’s Debut in the Linux Kernel is Shoring Up System Stability

Microsoft is on track to become the second $4 trillion company by market cap, following NVIDIA — and mass layoffs

CVE-2025-34117 – Netcore/Netis Router Remote Code Execution Backdoor Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Filament v4 Beta Released: 4 New Features You Need to Know

This popular Game Pass Xbox exclusive is coming to PS5 this year — the devs announced it in the coolest way possible

CVE-2025-6040 – WordPress Easy Flashcards CSRF

kalynasolutions/laravel-tus

CVE-2025-4513 – Moodle Catalyst User Key Authentication Plugin Open Redirect Vulnerability

CVE-2025-4792 – FreeFloat FTP Server Buffer Overflow Vulnerability

CVE-2025-43586 – Adobe Commerce Privilege Escalation Vulnerability

Shaarli is a minimalist, super fast, database-free, bookmarking service

CVE-2025-34117 – Netcore/Netis Router Remote Code Execution Backdoor Vulnerability

Related Posts