Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2025
CVE-2025-32455
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the run_cmd argument), that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
CVSS Score
7.7
EPSS Score
0.004
Published
2025-06-08
CVE-2025-5847
A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.4
EPSS Score
0.007
Published
2025-06-08
CVE-2025-26691
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-06-08
CVE-2025-26693
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
3.3
EPSS Score
0.001
Published
2025-06-08
CVE-2025-27131
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-06-08
CVE-2025-27242
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
CVSS Score
3.3
EPSS Score
0.001
Published
2025-06-08
CVE-2025-27247
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-06-08
CVE-2025-27563
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVSS Score
3.3
EPSS Score
0.001
Published
2025-06-08
CVE-2025-21082
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVSS Score
3.3
EPSS Score
0.001
Published
2025-06-08
CVE-2025-23235
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVSS Score
3.3
EPSS Score
0.001
Published
2025-06-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved