
Esr900 Firmware EUVD-2025-18966

CVE-2025-34035 CRITICAL
OS Command Injection (CWE-78)
2025-06-24 disclosure@vulncheck.com
9.8
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Mar 15, 2026 - 22:36 (euvd), EUVD-2025-18966
Analysis Generated: Mar 15, 2026 - 22:36 (vuln.today)
PoC Detected: Nov 20, 2025 - 22:15 (vuln.today), public exploit code
CVE Published: Jun 24, 2025 - 01:15 (nvd), CRITICAL 9.8

Description (CVE.org)

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC.

Analysis (AI)

CVE-2025-34035 is a critical OS command injection vulnerability in EnGenius EnShare Cloud Service versions 1.4.11 and earlier, affecting the usbinteract.cgi script which fails to sanitize the 'path' parameter. Unauthenticated remote attackers can inject arbitrary shell commands executed with root privileges, resulting in complete system compromise. Active exploitation has been documented by the Shadowserver Foundation as of 2024-12-05, indicating real-world threat activity.

Technical Context (AI)

The vulnerability exists in the usbinteract.cgi CGI script component of EnGenius EnShare Cloud Service, which handles USB interaction functionality. The root cause is CWE-78 (Improper Neutralization of Special Elements used in an OS Command - OS Command Injection), where user-supplied input in the 'path' parameter is passed unsanitized to shell command execution contexts. This is a classic command injection flaw where an attacker can break out of intended command syntax by injecting shell metacharacters (e.g., semicolons, pipes, backticks, command substitution) to execute arbitrary commands. The CGI interface exposes this functionality to unauthenticated remote users over the network, making it immediately exploitable without prior authentication or user interaction. The execution context runs with root privileges, amplifying the impact from code execution to complete system compromise.

Remediation (AI)

Immediate actions:

(1) Contact EnGenius technical support and check vendor advisory channels for patched versions beyond 1.4.11; upgrade to the latest available version immediately upon release.
(2) Pending patch availability, implement network-level access controls to restrict unauthenticated access to the EnShare Cloud Service management interfaces and CGI endpoints, particularly usbinteract.cgi.
(3) Disable USB interaction functionality if not required for operational needs.
(4) Deploy Web Application Firewall (WAF) rules to block requests to usbinteract.cgi containing shell metacharacters (;, |, `, $(), &&, ||).
(5) Monitor logs for suspicious path parameter values containing command injection patterns.
(6) Isolate affected systems from untrusted networks until patched.

Follow vendor advisory guidance at EnGenius support portal for official patch availability and deployment procedures.
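For the log-monitoring step, the following is an added example (not vendor or vuln.today code) that scans access-log lines for usbinteract.cgi requests whose decoded path parameter contains the metacharacters listed above, including double-encoded forms. The combined log format, the /cgi-bin/ location, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Metacharacters named in the remediation text: ; | ` $( && ||
SHELL_META = re.compile(r"[;|`]|\$\(|&&")
# Client address and request line of a combined-format log entry (assumed format).
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3})')

# Constructed sample lines; CMD is a placeholder, not a real payload.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:10:00:01 +0000] "GET /cgi-bin/usbinteract.cgi?path=%2Fmnt%2Fusb1 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2025:10:00:02 +0000] "GET /cgi-bin/usbinteract.cgi?path=%2Fmnt%2Fusb1%3BCMD HTTP/1.1" 200 0',
    '198.51.100.7 - - [01/Jan/2025:10:00:03 +0000] "GET /cgi-bin/usbinteract.cgi?path=x%2560CMD%2560 HTTP/1.1" 200 0',
    '203.0.113.5 - - [01/Jan/2025:10:00:04 +0000] "GET /index.html?path=a%3Bb HTTP/1.1" 200 99',
]

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input (%253B) is also seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(lines):
    """Return (client_ip, decoded_path_value) for flagged usbinteract.cgi hits."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue  # not a parseable access-log entry
        client, _method, target, _status = m.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/usbinteract.cgi"):
            continue  # only the affected CGI endpoint is of interest
        for raw in parse_qs(url.query, keep_blank_values=True).get("path", []):
            value = fully_decode(raw)
            if SHELL_META.search(value):
                hits.append((client, value))
    return hits

if __name__ == "__main__":
    for client, value in suspicious_requests(SAMPLE_LOG):
        print(f"ALERT {client} path={value!r}")
```

Access logs normally record only the query string, so parameters sent in a request body need a WAF or proxy log that captures bodies.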
