CVE-2025-32456

The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the put_file_to_qtn argument), that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.

CVSS v3 7.7 HIGH

7.7^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.5 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices
https://takeonme.org/cves/cve-2025-3460

Configurations

No configuration.

History

09 Jun 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-08 21:15

Updated : 2025-06-09 19:15

NVD link : CVE-2025-32456

Mitre link : CVE-2025-32456

CVE.ORG link : CVE-2025-32456

JSON object : View

Products Affected

No product.

CWE

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

{"id": "CVE-2025-32456", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@takeonme.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.5}]}, "published": "2025-06-08T21:15:31.267", "references": [{"url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", "source": "cve@takeonme.org"}, {"url": "https://takeonme.org/cves/cve-2025-3460", "source": "cve@takeonme.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cve@takeonme.org", "description": [{"lang": "en", "value": "CWE-88"}]}], "descriptions": [{"lang": "en", "value": "The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the put_file_to_qtn argument), that is vulnerable to command injection. This is an instance of CWE-88, \"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'),\" and is estimated as a CVSS 7.7\u00a0(CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset."}, {"lang": "es", "value": "El Chipset Wi-Fi Quantenna se entrega con un script de control local, router_command.sh (en el argumento put_file_to_qtn), vulnerable a la inyecci\u00f3n de comandos. Se trata de una instancia de CWE-88, \"Neutralizaci\u00f3n incorrecta de delimitadores de argumentos en un comando ('Inyecci\u00f3n de argumentos')\", y se estima como CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). Este problema afecta al chipset Quantenna Wi-Fi hasta la versi\u00f3n 8.0.0.28 del \u00faltimo SDK, y parece no tener parche en el momento de la primera publicaci\u00f3n de este registro CVE, aunque el proveedor ha publicado una gu\u00eda de mejores pr\u00e1cticas para los implementadores de este chipset."}], "lastModified": "2025-06-09T19:15:24.287", "sourceIdentifier": "cve@takeonme.org"}