CVE-2025-24333 – Nokia Single RAN Baseband Administrative Shell Command Injection Vulnerability

July 2, 2025

CVE ID : CVE-2025-24333

Published : July 2, 2025, 9:15 a.m. | 27 minutes ago

Description : Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via special characters added to baseband internal COMA_config.xml file.

This issue has been corrected starting from release 24R1-SR 1.0 MP and later, by adding proper input validation to OAM service process which prevents injecting special characters via baseband internal COMA_config.xml file.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-24334 – Nokia Single RAN Baseband Software Information Disclosure Vulnerability

Next Article CVE-2025-24332 – Nokia Single RAN AirScale Baseband SSH Privilege Escalation

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-24333 – Nokia Single RAN Baseband Administrative Shell Command Injection Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Rilasciati il driver OpenRazer 3.10.3 per dispositivi Razer compatibile con Linux 6.15

CVE-2025-49508 – LoftOcean CozyStay PHP Remote File Inclusion Vulnerability

Rilasciata IPFire 2.29 Core Update 193: Un passo avanti nella sicurezza con la crittografia post-quantistica

CVE-2025-4326 – MRCMS Cross-Site Scripting Vulnerability

Microsoft Build: GitHub Copilot coding agent, Azure AI Foundry updates, support for MCP, and more

CVE-2025-46244 – Dotstore Advanced Linked Variations for Woocommerce Missing Authorization Vulnerability

Microsoft Authenticator to Drop Password Manager Features by August 2025

I used Google’s photo-to-video AI tool on my selfie – and it made me do the tango

CVE-2025-24333 – Nokia Single RAN Baseband Administrative Shell Command Injection Vulnerability

Related Posts