Skip to main content

N3 Firmware

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-55423 CRITICAL POC Act Now

Multiple ipTIME router models have a command injection vulnerability in the upnp_relay() function, allowing remote attackers to execute arbitrary OS commands through crafted UPnP requests.

Command Injection A104 Firmware A604mu Firmware Ax2004 Firmware N2plus I Firmware +159
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-14704 MEDIUM POC This Month

A vulnerability was found in Shiguangwu sgwbox N3 2.0.25. The impacted element is an unknown function of the file /eshell of the component API. The manipulation results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Path Traversal N3 Firmware
NVD VulDB
CVSS 4.0
5.5
EPSS
0.4%
CVE-2025-55423
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Multiple ipTIME router models have a command injection vulnerability in the upnp_relay() function, allowing remote attackers to execute arbitrary OS commands through crafted UPnP requests.

Command Injection A104 Firmware A604mu Firmware +161
NVD GitHub
CVE-2025-14704
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was found in Shiguangwu sgwbox N3 2.0.25. The impacted element is an unknown function of the file /eshell of the component API. The manipulation results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Path Traversal N3 Firmware
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy