CVE-2025-25504

An issue in the /usr/local/bin/jncs.sh script of Gefen WebFWC (In AV over IP products) v1.85h, v1.86v, and v1.70 allows attackers with network access to connect to the device over TCP port 4444 without authentication and execute arbitrary commands with root privileges.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://gefen.com	Product
https://www.troy-wilson.com/cve-2025-25504.html	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:niceforyou:gefen_webfwc:1.70v:*:*:*:*:*:*:*

cpe:2.3:o:niceforyou:gefen_gf-avip-mc_firmware:a5.22:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:a:niceforyou:gefen_webfwc:1.85h:::::::*
	cpe:2.3:a:niceforyou:gefen_webfwc:1.86v:::::::*

cpe:2.3:o:niceforyou:gefen_gf-avip-mc_firmware:a5.310:*:*:*:*:*:*:*

History

17 Jun 2025, 14:13

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-05 16:15

Updated : 2025-06-17 14:13

NVD link : CVE-2025-25504

Mitre link : CVE-2025-25504

CVE.ORG link : CVE-2025-25504

JSON object : View

Products Affected

niceforyou

gefen_gf-avip-mc_firmware
gefen_webfwc

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-287

Improper Authentication

{"id": "CVE-2025-25504", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}]}, "published": "2025-05-05T16:15:50.640", "references": [{"url": "http://gefen.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.troy-wilson.com/cve-2025-25504.html", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "An issue in the /usr/local/bin/jncs.sh script of Gefen WebFWC (In AV over IP products) v1.85h, v1.86v, and v1.70 allows attackers with network access to connect to the device over TCP port 4444 without authentication and execute arbitrary commands with root privileges."}, {"lang": "es", "value": "Un problema en el script /usr/local/bin/jncs.sh de Gefen WebFWC (en productos AV sobre IP) v1.85h, v1.86v y v1.70 permite a atacantes con acceso a la red conectarse al dispositivo a trav\u00e9s del puerto TCP 4444 sin autenticaci\u00f3n y ejecutar comandos arbitrarios con privilegios de root."}], "lastModified": "2025-06-17T14:13:16.263", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:niceforyou:gefen_webfwc:1.70v:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD283856-18D2-4625-8A88-D3F9DFA31610"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:niceforyou:gefen_gf-avip-mc_firmware:a5.22:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E81DB305-DDB0-48A6-A171-F1F3ED3EA816"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:niceforyou:gefen_webfwc:1.85h:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D58769C1-827B-4963-A00D-2C1B389EE396"}, {"criteria": "cpe:2.3:a:niceforyou:gefen_webfwc:1.86v:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE973A49-081A-4CA1-BFCA-F71E1FC36FD4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:niceforyou:gefen_gf-avip-mc_firmware:a5.310:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C404DBC9-0EE7-4BD1-90DC-B09D4FBA5775"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}