Unauthorized Access Vulnerability in Netis WF-2404 Router
CVE-2025-2921

5.4MEDIUM

Key Information:

Vendor

Netis

Status
Wf-2404
Vendor
CVE Published:
28 March 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-2921?

A security issue has been identified in the Netis WF-2404 Router, where an unknown function within the /etc/passwd file allows an attacker to exploit default password credentials. This vulnerability can be targeted physically, although the attack methodology is complex. Due to the public disclosure of this flaw and the vendor's lack of response, users are advised to take immediate precautions to secure their devices against potential unauthorized access.

Affected Version(s)

WF-2404 1.1.124EN

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-2921 - Proof of Concept

References

https://vuldb.com/?id.301896
vdb-entrytechnical-description
https://vuldb.com/?ctiid.301896
signaturepermissions-required
https://vuldb.com/?submit.521038
third-party-advisory

CVSS V4

Score:
5.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

scoozi (VulDB User)
.