Severity by source
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application.
AnalysisAI
OS command injection in Nokia MantaRay NM Symptom Collector application allows authenticated adjacent network attackers to execute arbitrary OS commands with high confidentiality, integrity, and availability impact. The vulnerability affects all versions prior to 25R1-NM and requires low-privilege authenticated access over adjacent network with low attack complexity. No public exploit identified at time of analysis, with EPSS exploitation probability at 0.06% (19th percentile), indicating relatively low observed real-world exploitation likelihood despite the high CVSS score.
Technical ContextAI
This vulnerability (CWE-78: OS Command Injection) affects the Symptom Collector application component within Nokia MantaRay Network Management (NM) platform. Command injection vulnerabilities occur when an application passes unsanitized user input directly to system shell commands, allowing attackers to inject malicious commands using special characters like semicolons, pipes, or backticks. The affected product (cpe:2.3:a:nokia:mantaray_nm) is Nokia's network management solution used for telecom infrastructure monitoring and configuration. The improper neutralization of special elements means the application fails to validate or sanitize input parameters before incorporating them into OS-level command execution, creating a direct pathway from user input to system shell execution.
RemediationAI
Vendor-released patch: Nokia MantaRay NM version 25R1-NM. Organizations should immediately upgrade all MantaRay NM installations to version 25R1-NM or later to remediate this command injection vulnerability. The complete remediation guidance and patch distribution information is available in Nokia's official product security advisory at https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24817/. As an interim compensating control before patching, organizations should restrict network access to the MantaRay NM management interface to only essential administrative networks using network segmentation, firewall rules, or VPN requirements. Review and minimize the number of accounts with access to the Symptom Collector application functionality, and implement enhanced logging and monitoring for suspicious command execution activity on MantaRay NM systems until patching is complete.
The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Moto
Multiple Improper Access Control was discovered in Nokia AirFrame BMC Web GUI < R18 Firmware v4.13.00. Rated high severi
Nokia FastMile 3TG00118ABAD52 devices allow privilege escalation by an authenticated user via is_ctc_admin=1 to login_we
Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution. Rated hi
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5
Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update-fault-tolerance is not enab
Buffer overflow in the Video Manager in Nokia PC Suite 7.1.180.64 and earlier allows remote attackers to cause a denial
A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Rated high severity (CVSS 7.0). Public ex
Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass th
Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as
Nokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows attackers to rea
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-209263
GHSA-gfh5-8jx4-qc72