Description
The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands, which will be executed with the privileges of the web server.
Published: 2026-06-04
Score: 9.8 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the ping module of the Neterbit NW‑431F Router firmware versions up to 20241014‑IR03, where an unsanitized IP address field is passed directly to the system's ping command. This lack of input validation allows an attacker to inject arbitrary OS commands, which are then executed under the web server’s privileges. The result is remote code execution capable of compromising confidentiality, integrity, and availability of the device and any systems reachable from it.

Affected Systems

The affected product is the Neterbit NW‑431F Router with firmware 20241014‑IR03 and all earlier releases. The vulnerability is tied to the web‑based network diagnostics interface that invokes the ping utility; no other known firmware versions contain the flaw.

Risk and Exploitability

The CVSS score of 9.8 indicates a critical severity, but the EPSS score is not available; nevertheless, the lack of input filtering implies the attack could be executed easily over the network. The flaw is not listed in CISA’s KEV catalog, yet the exposure permits remote attackers to run shell commands via the web interface. An attacker can remotely trigger this by sending a crafted ping request to the device’s web server, leading to full control of the router without authentication beyond gaining access to the management interface.

Generated by OpenCVE AI on June 4, 2026 at 18:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the router firmware to the latest version that removes the insecure ping endpoint or applies proper input sanitization.
  • If an update is unavailable, disable the web‑based ping service or block the relevant API endpoint using the router’s configuration or a firewall rule.
  • Restrict management interface access to a known trusted IP range or subnet, and remove external exposure of the router.

Generated by OpenCVE AI on June 4, 2026 at 18:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 04 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
Title OS Command Injection in Neterbit NW‑431F Router Ping Module

Thu, 04 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-78
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 04 Jun 2026 17:45:00 +0000

Type Values Removed Values Added
Description The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands, which will be executed with the privileges of the web server.
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-04T17:57:34.286Z

Reserved: 2025-12-08T00:00:00.000Z

Link: CVE-2025-67447

cve-icon Vulnrichment

Updated: 2026-06-04T17:55:59.331Z

cve-icon NVD

Status : Deferred

Published: 2026-06-04T18:16:27.703

Modified: 2026-06-04T19:16:26.597

Link: CVE-2025-67447

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-04T18:30:16Z

Weaknesses