CVE-2025-22495 - "Network-M2 NTP Server Configuration Command Injection Vulnerability"
CVE ID : CVE-2025-22495 Published : Feb. 24, 2025, 5:15 p.m. | 1 hour, 44 minutes ago Description : An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card. This could result in an authenticated high privileged user having the ability to execute arbitrary commands. The vulnerability has been resolved in the version 3.0.4. Note - Network-M2 has been declared end-of-life in early 2024 and Network-M3 has been released as a fit-and-functional replacement. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22495
Published : Feb. 24, 2025, 5:15 p.m. | 1 hour, 44 minutes ago
Description : An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card. This could result in an authenticated high privileged user having the ability to execute arbitrary commands. The vulnerability has been resolved in the version 3.0.4. Note - Network-M2 has been declared end-of-life in early 2024 and Network-M3 has been released as a fit-and-functional replacement.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Feb. 24, 2025, 5:15 p.m. | 1 hour, 44 minutes ago
Description : An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card. This could result in an authenticated high privileged user having the ability to execute arbitrary commands. The vulnerability has been resolved in the version 3.0.4. Note - Network-M2 has been declared end-of-life in early 2024 and Network-M3 has been released as a fit-and-functional replacement.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
