What is the CVSS score of CVE-2025-65883?

CVE-2025-65883 has a CVSS 3.1 base score of 8.4 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Platinum 4410 Firmware are affected by CVE-2025-65883?

Genexis Platinum P4410 routers are vulnerable to remote code execution by local network attackers who can reuse expired administrator session tokens, potentially compromising network infrastructure…

Is there a public PoC exploit available for CVE-2025-65883?

Yes, a public proof-of-concept exploit is available for CVE-2025-65883. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2025-65883?

Within 24 hours: Identify and inventory all Genexis P4410 routers running firmware V2-1.41 in your environment and isolate affected devices to restricted network segments if possible. Within 7 days: Implement network access controls restricting administrative access to the router's management interface from trusted IP ranges only, and enforce VPN/bastion host requirements for all remote administrative access. Within 30 days: Monitor vendor communications for patch availability; if no patch is released, evaluate replacement with alternative router models from vendors with active security support, and conduct network forensics on affected devices for signs of compromise.

Platinum 4410 Firmware CVE-2025-65883

EUVD-2025-201286 HIGH

Insufficient Session Expiration (CWE-613)

2025-12-04 cve@mitre.org

RCE Platinum 4410 Firmware

8.4

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.4 HIGH

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 16:35 euvd

EUVD-2025-201286

Analysis Generated

Mar 15, 2026 - 16:35 vuln.today

PoC Detected

Dec 23, 2025 - 00:22 vuln.today

Public exploit code

CVE Published

Dec 04, 2025 - 20:16 nvd

HIGH 8.4

DescriptionCVE.org

A vulnerability has been identified in Genexis Platinum P4410 router (Firmware P4410-V2-1.41) that allows a local network attacker to achieve Remote Code Execution (RCE) with root privileges. The issue occurs due to improper session invalidation after administrator logout. When an administrator logs out, the session token remains valid. An attacker on the local network can reuse this stale token to send crafted requests via the router’s diagnostic endpoint, resulting in command execution as root.

Analysis

Technical ContextAI

Remote code execution allows an attacker to run arbitrary commands or code on the target system over a network without prior authentication. This vulnerability is classified as Insufficient Session Expiration (CWE-613).

RemediationAI

Apply vendor patches immediately. Restrict network access to vulnerable services. Implement network segmentation and monitoring for anomalous activity.

CVE-2025-65883 vulnerability details – vuln.today

Back

Platinum 4410 Firmware CVE-2025-65883

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code