CVE-2025-25504 | THREATINT

Description

An issue in the /usr/local/bin/jncs.sh script of Gefen WebFWC (In AV over IP products) v1.85h, v1.86v, and v1.70 allows attackers with network access to connect to the device over TCP port 4444 without authentication and execute arbitrary commands with root privileges.

PUBLISHED Reserved 2025-02-07 | Published 2025-05-05 | Updated 2025-05-05 | Assigner mitre

References

gefen.com

www.troy-wilson.com/cve-2025-25504.html

cve.org (CVE-2025-25504)

nvd.nist.gov (CVE-2025-25504)

Download JSON