Remote Code Execution Vulnerability in Genexis Platinum P4410 Router
CVE-2025-65883

8.4HIGH

Key Information:

Vendor: Genexis
Status: Platinum P4410 Router
Vendor: CVE Published:; 4 December 2025

What is CVE-2025-65883?

A vulnerability in the Genexis Platinum P4410 router allows local network attackers to execute arbitrary commands with root privileges. This issue arises from the failure to invalidate the session token after an administrator logs out. As a result, an attacker on the same network can exploit the stale session token to send crafted requests through the router's diagnostic interface, thus gaining unauthorized root access and potentially compromising the device's integrity and security.

References

https://0xw41th.medium.com/my-first-cve-cve-2025-65883-re...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2025
Vulnerability Reserved
Nov 18, 2025

JSON