We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-4009

Unauthenticated Arbitrary Command Injection in Evertz SDVN



Description

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among other features. The application has been developed in PHP with the webEASY SDK, also named ‘ewb’ by Evertz. This web interface has two endpoints that are vulnerable to arbitrary command injection and the authentication mechanism has a flaw leading to authentication bypass. Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices. This level of access could lead to serious business impact such as the interruption of media streaming, modification of media being streamed, alteration of closed captions being generated, among others.

Reserved 2025-04-27 | Published 2025-05-28 | Updated 2025-05-28 | Assigner ONEKEY


CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:Y/V:C

Problem types

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-287 Improper Authentication

Product status

Default status
affected

Any version
affected

Default status
affected

Any version
affected

Default status
affected

Any version
affected

Default status
affected

Any version
affected

Default status
affected

Any version
affected

Default status
affected

Any version
affected

Timeline

2025-02-25:ONEKEY sends a notification to Service@evertz.com
2025-02-28:ONEKEY sends a notification to Service@evertz.com, info@evertz.com, security@evertz.com, psirt@evertz.com, support@evertz.com
2025-03-28:ONEKEY sends a reminder to Service@evertz.com, info@evertz.com, security@evertz.com, psirt@evertz.com, support@evertz.com, ukservice@evertz.com, sales@evertz.com, Vertrieb@evertz.com
2025-04-10:ONEKEY attempts to get in touch with Evertz through its @EvertzTV account on x.com
2025-04-11:ONEKEY sends inmails to different Linkedin users working in cybersecurity teams at Evertz
2025-04-27:ONEKEY opens a case with CERT.CC on VINCE (Vulnerability Information and Coordination Environment)

Credits

Q. Kaiser from ONEKEY Research Labs finder

References

www.onekey.com/...ode-execution-on-evertz-svdn-cve-2025-4009 third-party-advisory

cve.org (CVE-2025-4009)

nvd.nist.gov (CVE-2025-4009)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-4009

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.