CVE-2025-67447 in NW-431Finfo

Summary

by MITRE • 06/04/2026

The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address field before passing it to the system's ping command. An attacker can inject arbitrary OS commands, which will be executed with the privileges of the web server.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

MITRE

Reservation

12/08/2025

Disclosure

06/04/2026

Moderation

accepted

Entry

VDB-368391

CPE

ready

CWE

CWE-78 (confirmed)

CVSS

8.8 (VulDB)

EPSS

0.00000

KEV

Activities

low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-67447
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-67447
CVE Details	https://www.cvedetails.com/cve/CVE-2025-67447/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!