CVE-2025-8890 - Vulnerability Details - OpenCVE

Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact High

Subsequent System Availability Impact High

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sdmc	Ne6037

No data.

No data.

References

Link	Providers
https://cert.pl/en/posts/2025/11/CVE-2025-8890

History

Fri, 28 Nov 2025 09:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Sdmc Sdmc ne6037
Vendors & Products		Sdmc Sdmc ne6037

Thu, 27 Nov 2025 14:00:00 +0000

Type	Values Removed	Values Added
Description		Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports.
Title		Authenticated RCE in SDMC NE6037 router
Weaknesses		CWE-78
References		https://cert.pl/en/posts/2025/11/CVE-2025-8890
Metrics		cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}`

MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published: 2025-11-27T13:42:53.664Z

Updated: 2025-11-27T13:42:53.664Z

Reserved: 2025-08-12T13:56:56.592Z

Link: CVE-2025-8890

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-11-27T14:15:52.183

Modified: 2025-11-27T14:15:52.183

Link: CVE-2025-8890

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8890", "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "state": "PUBLISHED", "assignerShortName": "CERT-PL", "dateReserved": "2025-08-12T13:56:56.592Z", "datePublished": "2025-11-27T13:42:53.664Z", "dateUpdated": "2025-11-27T13:42:53.664Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "NE6037", "vendor": "SDMC", "versions": [{"lessThan": "7.1.12.2.44", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Grzegorz Bronka (Securitum.pl)"}], "datePublic": "2025-11-27T13:36:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks.<br>In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports. <br>"}], "value": "Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44\u00a0has a network diagnostics tool vulnerable to a shell command injection attacks.\nIn order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "shortName": "CERT-PL", "dateUpdated": "2025-11-27T13:42:53.664Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://cert.pl/en/posts/2025/11/CVE-2025-8890"}], "source": {"discovery": "EXTERNAL"}, "title": "Authenticated RCE in SDMC NE6037 router", "x_generator": {"engine": "Vulnogram 0.2.0"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44\u00a0has a network diagnostics tool vulnerable to a shell command injection attacks.\nIn order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports."}], "id": "CVE-2025-8890", "lastModified": "2025-11-27T14:15:52.183", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cvd@cert.pl", "type": "Secondary"}]}, "published": "2025-11-27T14:15:52.183", "references": [{"source": "cvd@cert.pl", "url": "https://cert.pl/en/posts/2025/11/CVE-2025-8890"}], "sourceIdentifier": "cvd@cert.pl", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "cvd@cert.pl", "type": "Primary"}]}