CVE-2025-52376 – Nexxt Solutions NCM-X1800 Mesh Router Telnet Authentication Bypass

July 15, 2025

CVE ID : CVE-2025-52376

Published : July 15, 2025, 2:15 p.m. | 1 hour, 29 minutes ago

Description : An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below, allowing an attacker to remotely enable the Telnet service without authentication, bypassing security controls. The Telnet server is then accessible with hard-coded credentials, allowing attackers to gain administrative shell access and execute arbitrary commands on the device.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6965 – SQLite Aggregate Overflow

Next Article CVE-2025-34116 – IPFire Command Injection Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-52376 – Nexxt Solutions NCM-X1800 Mesh Router Telnet Authentication Bypass

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

µgRD – generate a custom initramfs environment

CVE-2025-52938 – NotepadNext Lua Engine Out-of-bounds Read Vulnerability

Click-Free Credential Theft: Microsoft Telnet Exploit Bypasses Prompts in Trusted Zones

tracker offers real-time satellite tracks and orbit prediction

CVE-2025-25775 – Codeastro Bus Ticket Booking System SQL Injection Vulnerability

Looking for an AI-powered website builder? Here’s your best option in 2025

I used Google’s photo-to-video AI tool on my selfie – and it made me do the tango

U.S. Agencies Warn of Rising Iranian Cyberattacks on Defense, OT Networks, and Critical Infrastructure

CVE-2025-52376 – Nexxt Solutions NCM-X1800 Mesh Router Telnet Authentication Bypass

Related Posts