CVE-2025-4747 – NetDragon Firewall Command Injection Vulnerability

May 16, 2025

CVE ID : CVE-2025-4747

Published : May 16, 2025, 5:15 a.m. | 3 hours, 44 minutes ago

Description : A vulnerability was found in Bohua NetDragon Firewall 1.0 and classified as critical. This issue affects some unknown processing of the file /systemstatus/ip_status.php. The manipulation of the argument subnet leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4759 – Lockfile Lint API Incorrect Behavior Order Vulnerability

Next Article CVE-2025-48174 – Avif Integer Overflow Buffer Overflow Vulnerability

Highlights

CVE-2025-6089 – Astun Technology iShare Maps Open Redirect Vulnerability

June 15, 2025

CVE ID : CVE-2025-6089

Published : June 15, 2025, 1:15 p.m. | 12 hours, 6 minutes ago

Description : A vulnerability has been found in Astun Technology iShare Maps 5.4.0 and classified as problematic. This vulnerability affects unknown code of the file atCheckJS.aspx. The manipulation of the argument ref leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Turning User Research Into Real Organizational Change

June 2025: All AI updates from the past month

Building a culture that will drive platform engineering success

Gartner: More than 40% of agentic AI projects will be canceled in the next few years

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

This gimbal-tracking webcam has TWO cameras and a great price — but it may not be “private” enough

I spent two months using the massive Area-51 gaming rig — both a powerful beast PC and an RGB beauty queen

“Using AI is no longer optional” — Did Microsoft just make Copilot mandatory for its staff as a critical performance metric?

June report 2025

June report 2025

Make your JS functions smarter and cleaner with default parameters

Best Home Interiors in Hyderabad – Top Designers & Affordable Packages

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

I FINALLY got my hands on my most anticipated gaming laptop of 2025 — and it’s a 14-inch monster

This gimbal-tracking webcam has TWO cameras and a great price — but it may not be “private” enough

I spent two months using the massive Area-51 gaming rig — both a powerful beast PC and an RGB beauty queen

CVE-2025-4747 – NetDragon Firewall Command Injection Vulnerability

CVE-2025-6554 Actively Exploited Google Chrome Zeroday

Cyber Brief 25-07 – June 2025

Helping machines understand visual content with AI

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

CVE-2025-4076 – LB-LINK BL-AC3600 Password Handler Command Injection Vulnerability

CVE-2025-6487 – TOTOLINK A3002R Stack-Based Buffer Overflow

CVE-2025-6089 – Astun Technology iShare Maps Open Redirect Vulnerability

CVE-2025-6855 – “Chatchat-Langchain Chatchat Path Traversal Vulnerability”

Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing

CVE-2025-37812 – Linux Kernel USB cdns3 NCM Gadget Deadlock

CVE-2025-4747 – NetDragon Firewall Command Injection Vulnerability

Related Posts