Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

n604tplus_firmware

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

1
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2025-55423
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.50% / 65.44%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 00:00
Updated-30 Jan, 2026 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system() without proper validation or sanitization, allowing OS command injection.

Action-Not Available
Vendor-iptimen/a
Product-n2en604tplus_firmwarev304n2plusa5004ns_firmwaren2plus-i_firmwaren3-i_firmwaren604en600q504n2vsn600_firmwarea2004sea7004m_firmwaren102iplusn604a_firmwaren8004v_firmwaren604an904ns_firmwarea604-v3_firmwaren804ta3004ns-m_firmwaren604eplus_firmwarea2003mua6004mx_firmwareax3004bcm_firmwaren604ra6004ns-mn8004rn7004nsa2004nsplusn604plus-ia1004_firmwarea604ra6ns-m_firmwarea604sea3004tv304_firmwarea9004mn704nst5004_firmwaren702e_firmwaret16000mn604t_firmwareax3004itl_firmwaren602se_firmwareax2004mn804an904vsmartn704qcaa2004ns-rn704-a3n104_blackn104en702en5_firmwareax8008ma604-v5_firmwaren804t3n804a3_firmwarea3003nsa3004-dual_firmwareq604a3004mn904plusn904plus_firmwaren702bcmn804v_firmwareax2004_firmwarea8004tt24000m_firmwarea804ns-mun104v_firmwaren904v_firmwaren804t_firmwareax11000_firmwaren704e_firmwaren2v_firmwaren1plus_firmwarea104ax2004bcm_firmwarea304_firmwaret3004a9004m_firmwaret16000_firmwaren704v3n804rn2plus-in604_blacka604-v3n104r_firmwaren602sen1e_firmwarea3004ns-dual_firmwarea5004ns-m_firmwaren602eplusa2004rn104va2004ns-mu_firmwarea3004twa104ns_firmwarea8ns-mt16000m_firmwareax2002meshn602e_firmwarea104rn604e_firmwaren1plus-i_firmwarea5004ns-mn602eplus_firmwarea1004a604va1004vn704bcm_firmwareax3004itla7ns_firmwaren904a604g-mun604plus-i_firmwaren104s-r1_firmwarea3004nssmart_firmwaren804va2004mu_firmwaren2vs_firmwarea3004ns-mn702r_firmwaren804a3a104nsax8004bcm_firmwarea3004tw_firmwarea5004nsa3004ns-bcma2004nsplus_firmwarea3004ns-bcm_firmwarea6004ns-m_firmwaren704qca_firmwaren102in6n104e_firmwarea604g-mu_firmwaren104q-in1v_firmwaren8004r_firmwarea3004m_firmwaren604rplus_firmwaren704eplusa8004t-xrn6004rn2e_firmwaren904_firmwarea2003ns-mu_firmwarea2004nst3004_firmwarea2004a9004m-x2_firmwarea604n702bcm_firmwareax2002mesh_firmwaren3_firmwarea604r_firmwarea8004ns-mn702eplus_firmwaren104_black_firmwaren604seew302n_firmwarea3004ns_firmwaren604sa7004mt5008_firmwarea3004ns-dualn702ra2004plus_firmwaren102eplusn104qa604m_firmwarea1n1en102eplus_firmwaren604vplusq1_firmwarea604muax8004m_firmwareax8004bcmn104plus-ia2004r_firmwaren5n604tplust3008a104_firmwaren104eplusn1plus-ia604ma2004se_firmwarev504_firmwarea604g-skylifen604eplusn104rt24000_firmwaren704-a3_firmwareq604_firmwaren704v3_firmwaren804t3_firmwarea2004mun604s_firmwaret16000q1ax2004m_firmwareax11000n604vplus_firmwaret3008_firmwarea104r_firmwaren604vn2eplusn104q_firmwarea3002mesh_firmwarea3008-mu_firmwaren604se_firmwaren604_black_firmwaren2va2004_firmwarea6004nsn6_firmwaren704en6004r_firmwaren104k_firmwarea3004n604rplus-in804a_firmwarea8004bcmn2eplus_firmwaren102e_firmwarea2004ns-mun604rplusa8004itlq304q304_firmwaren804_firmwarea604_firmwaren102iplus_firmwaren104ka3004_firmwaren7004ns_firmwarea2004ns-r_firmwarea1_firmwarea704ns-bcm_firmwarea2004ns_firmwarea1004ns_firmwaren5-ia8004bcm_firmwarea6ns-mn604rplus-i_firmwarea704ns-bcmn104plusa3003ns_firmwarea604v_firmwarea6004ns_firmwaren804a304n804r_firmwaren3-ia8004itl_firmwarea1004v_firmwarea604mu_firmwarea604g-skylife_firmwarev508a3008-muax2004bcmt24000mt5008a2008_firmwarea8004t-xr_firmwarea804ns-mu_firmwarea3002mesht24000ax8008m_firmwarea1004nsa3004-duala8004t_firmwarea6004mxt5004ew302nn104s-r1n602en904nsv504a9004m-x2n604plus_firmwarea8004ns-m_firmwarea3_firmwaren102en104plus_firmwarea2004plusn104plus-i_firmwaren104q-i_firmwaren604r_firmwarea604-v5a3004t_firmwaren704ns_firmwaren8004vn1plusn104eplus_firmwaren102i_firmwarev508_firmwaren604v_firmwaren702eplusn3ax3004bcmn704bcma2003mu_firmwareax2004a3ax8004mq504_firmwarea2003ns-mun704eplus_firmwaren604plusn1va604se_firmwarea8ns-m_firmwaren2plus_firmwaren5-i_firmwarea2008n604ta7nsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')