CVE-2025-8890
Lifecycle Timeline
2Tags
Description
Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports.
Analysis
A shell command injection vulnerability exists in the network diagnostics tool of SDMC NE6037 routers running firmware versions prior to 7.1.12.2.44, allowing authenticated attackers with administrative access to execute arbitrary commands on the device. The vulnerability is classified as CWE-78 (OS Command Injection) and carries an EPSS score of 0.77% (73rd percentile), indicating a low empirical probability of exploitation in the wild. While no public proof-of-concept or active exploitation in the wild has been documented, the flaw requires administrative authentication via the LAN-only management interface, significantly limiting real-world attack surface.
Technical Context
The vulnerability exists within the network diagnostics functionality of SDMC NE6037 router firmware, specifically in components that process user-supplied input for diagnostic commands without proper input validation or sanitization. CWE-78 (Improper Neutralization of Special Elements used in an OS Command) occurs when the application constructs operating system commands by concatenating unsanitized user input into shell execution contexts. The affected product is a commercial network routing appliance typically deployed in enterprise and service provider environments. The firmware's diagnostic tool likely executes system-level ping, traceroute, or similar commands based on user parameters; the injection point allows an authenticated user to break out of the intended command context and inject arbitrary shell metacharacters or secondary commands. This is a classic case of insufficient input validation at the interface between user-controlled application parameters and underlying shell execution APIs.
Affected Products
SDMC NE6037 routers running firmware versions prior to 7.1.12.2.44 are affected. Affected versions include all releases up to and including 7.1.12.2.43. The vulnerability was reported by [email protected] and detailed in advisories available through CERT Poland (https://cert.pl/en/posts/2025/11/CVE-2025-8890) and Securitum (https://www.securitum.com/cve-2025-8890.html). Organizations running SDMC NE6037 firmware should verify their current version against the 7.1.12.2.44 milestone threshold to determine exposure.
Remediation
Immediately upgrade SDMC NE6037 firmware to version 7.1.12.2.44 or later; consult vendor release notes and the Securitum advisory (https://www.securitum.com/cve-2025-8890.html) for download links and upgrade procedures. As an interim compensating control pending patching, restrict administrative access to the router's management interface to a minimal set of trusted IP addresses or network segments, implement multi-factor authentication for administrative login if available, and monitor diagnostic tool usage via router logs for evidence of command injection attempts. Additionally, ensure the management interface remains isolated to LAN access only and is not exposed to untrusted networks; disable or restrict remote management features if not actively required for operations.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today