{"id":64177,"date":"2025-06-02T12:31:48","date_gmt":"2025-06-02T09:01:48","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-4010-netcom-ntc-6200-and-nwl-222-web-interface-command-injection-vulnerability\/"},"modified":"2025-06-02T12:31:48","modified_gmt":"2025-06-02T09:01:48","slug":"cve-2025-4010-netcom-ntc-6200-and-nwl-222-web-interface-command-injection-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-4010-netcom-ntc-6200-and-nwl-222-web-interface-command-injection-vulnerability\/","title":{"rendered":"CVE-2025-4010 &#8211; Netcom NTC 6200 and NWL 222 Web Interface Command Injection Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-4010<br \/>\n<br \/>\n<strong>Published : <\/strong> June 2, 2025, 7:15 a.m. | 1\u00a0hour, 8\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple\u00a0endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated attackers can gain arbitrary code execution with elevated privileges.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 0.0 | NA<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-4010 Published : June 2, 2025, 7:15 a.m. | 1\u00a0hour, 8\u00a0minutes ago Description : The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by operators. Multiple\u00a0endpoints of the web interface are vulnerable to arbitrary command injection and use insecure hardcoded passwords. Remote authenticated &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-64177","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64177","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=64177"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64177\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=64177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=64177"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=64177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}