CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-3460

The Quantenna Wi-Fi chipset ships with a local control script, set_tx_pow, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 78.0%

CVSS Severity

CVSS v3 Score 7.7

References

Products affected by CVE-2025-3460

Onsemi » Qcs-Ax2-A12 » Version: N/A

cpe:2.3:h:onsemi:qcs-ax2-a12:-
Onsemi » Qcs-Ax2-S5 » Version: N/A

cpe:2.3:h:onsemi:qcs-ax2-s5:-
Onsemi » Qcs-Ax2-T12 » Version: N/A

cpe:2.3:h:onsemi:qcs-ax2-t12:-
Onsemi » Qcs-Ax2-T8 » Version: N/A

cpe:2.3:h:onsemi:qcs-ax2-t8:-
Onsemi » Qcs-Ax3-A12 » Version: N/A

cpe:2.3:h:onsemi:qcs-ax3-a12:-
Onsemi » Qcs-Ax3-S5 » Version: N/A

cpe:2.3:h:onsemi:qcs-ax3-s5:-
Onsemi » Qcs-Ax3-T12 » Version: N/A

cpe:2.3:h:onsemi:qcs-ax3-t12:-
Onsemi » Qcs-Ax3-T8 » Version: N/A

cpe:2.3:h:onsemi:qcs-ax3-t8:-
Onsemi » Qd840 » Version: N/A

cpe:2.3:h:onsemi:qd840:-
Onsemi » Qhs710 » Version: N/A

cpe:2.3:h:onsemi:qhs710:-
Onsemi » Qsr10ga » Version: N/A

cpe:2.3:h:onsemi:qsr10ga:-
Onsemi » Qsr10gu » Version: N/A

cpe:2.3:h:onsemi:qsr10gu:-
Onsemi » Qv840 » Version: N/A

cpe:2.3:h:onsemi:qv840:-
Onsemi » Qv840c » Version: N/A

cpe:2.3:h:onsemi:qv840c:-
Onsemi » Qv860 » Version: N/A

cpe:2.3:h:onsemi:qv860:-
Onsemi » Qv940 » Version: N/A

cpe:2.3:h:onsemi:qv940:-
Onsemi » Qv942c » Version: N/A

cpe:2.3:h:onsemi:qv942c:-
Onsemi » Qv952c » Version: N/A

cpe:2.3:h:onsemi:qv952c:-
Onsemi » Qcs-Ax2-A12 Firmware » Version: N/A

cpe:2.3:o:onsemi:qcs-ax2-a12_firmware:-
Onsemi » Qcs-Ax2-S5 Firmware » Version: N/A

cpe:2.3:o:onsemi:qcs-ax2-s5_firmware:-
Onsemi » Qcs-Ax2-T12 Firmware » Version: N/A

cpe:2.3:o:onsemi:qcs-ax2-t12_firmware:-
Onsemi » Qcs-Ax2-T8 Firmware » Version: N/A

cpe:2.3:o:onsemi:qcs-ax2-t8_firmware:-
Onsemi » Qcs-Ax3-A12 Firmware » Version: N/A

cpe:2.3:o:onsemi:qcs-ax3-a12_firmware:-
Onsemi » Qcs-Ax3-S5 Firmware » Version: N/A

cpe:2.3:o:onsemi:qcs-ax3-s5_firmware:-
Onsemi » Qcs-Ax3-T12 Firmware » Version: N/A

cpe:2.3:o:onsemi:qcs-ax3-t12_firmware:-
Onsemi » Qcs-Ax3-T8 Firmware » Version: N/A

cpe:2.3:o:onsemi:qcs-ax3-t8_firmware:-
Onsemi » Qd840 Firmware » Version: N/A

cpe:2.3:o:onsemi:qd840_firmware:-
Onsemi » Qhs710 Firmware » Version: N/A

cpe:2.3:o:onsemi:qhs710_firmware:-
Onsemi » Qsr10ga Firmware » Version: N/A

cpe:2.3:o:onsemi:qsr10ga_firmware:-
Onsemi » Qsr10gu Firmware » Version: N/A

cpe:2.3:o:onsemi:qsr10gu_firmware:-
Onsemi » Qv840 Firmware » Version: N/A

cpe:2.3:o:onsemi:qv840_firmware:-
Onsemi » Qv840c Firmware » Version: N/A

cpe:2.3:o:onsemi:qv840c_firmware:-
Onsemi » Qv860 Firmware » Version: N/A

cpe:2.3:o:onsemi:qv860_firmware:-
Onsemi » Qv940 Firmware » Version: N/A

cpe:2.3:o:onsemi:qv940_firmware:-
Onsemi » Qv942c Firmware » Version: N/A

cpe:2.3:o:onsemi:qv942c_firmware:-
Onsemi » Qv952c Firmware » Version: N/A

cpe:2.3:o:onsemi:qv952c_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-3460

Products

Pricing

Contact Us