CVE-2025-35005 in IPn4Giiinfo

Summary

by MITRE • 06/09/2025

Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFMAC command that can lead to privilege escalation. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record's first publishing.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 01/12/2026

The vulnerability identified as CVE-2025-35005 affects specific telecommunications equipment manufactured by Microhard, namely the BulletLTE-NA2 and IPn4Gii-NA2 devices. These products are designed for wireless communication and network connectivity in industrial and enterprise environments where reliable communication infrastructure is critical. The affected devices operate within the broader context of embedded systems that require robust security measures due to their role in maintaining network connectivity and data transmission for critical operations.

The technical flaw resides in the AT+MFMAC command implementation within these devices, which demonstrates improper neutralization of argument delimiters in a command execution context. This represents a classic command injection vulnerability where attacker-controlled input is not properly sanitized before being processed by the system's command interpreter. The vulnerability specifically manifests when a user with legitimate authentication credentials attempts to execute the AT+MFMAC command, allowing for privilege escalation from a standard authenticated user to a higher privilege level within the system.

The operational impact of this vulnerability is significant as it enables a post-authentication attacker to execute arbitrary commands with elevated privileges, potentially leading to complete system compromise. The CVSS score of 7.1 indicates a high-severity issue that can result in high confidentiality and integrity impacts without necessarily causing availability disruption. An attacker could leverage this vulnerability to gain unauthorized access to sensitive system information, modify critical configurations, or establish persistent access points within the network infrastructure. The vulnerability's classification under CWE-88 highlights its fundamental nature as an argument injection flaw that occurs when command arguments are not properly separated or sanitized.

Security implications extend beyond immediate system compromise as these devices typically serve as critical network nodes in industrial control systems and enterprise communications infrastructure. The vulnerability's persistence across multiple versions without general fixes suggests a systemic issue in the device's command processing architecture that requires immediate attention. Organizations relying on these devices must consider the potential for lateral movement within their networks and the possibility of cascading effects if these devices serve as gateways or bridges between different network segments.

Mitigation strategies should focus on immediate access controls and network segmentation to limit the potential impact of exploitation. Network administrators should implement strict monitoring of command execution patterns and establish robust authentication protocols to prevent unauthorized access. The vulnerability's nature suggests that any input validation or sanitization mechanisms within the AT+MFMAC command implementation should be strengthened to prevent delimiter injection attacks. Additionally, regular security assessments and firmware updates should be prioritized to address the root cause of the vulnerability. The ATT&CK framework would classify this issue under privilege escalation techniques, specifically targeting command execution capabilities within network infrastructure devices. Organizations should also consider implementing network access controls and firewall rules to restrict access to these vulnerable devices from untrusted networks and ensure that only authorized personnel can execute administrative commands.

Responsible

AHA

Reservation

04/15/2025

Disclosure

06/09/2025

Moderation

accepted

CPE

ready

EPSS

0.01031

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!