OS Command Injection Vulnerability in Broadcom DX NetOps Spectrum
CVE-2025-69269

7.1HIGH

Key Information:

Vendor: Broadcom
Status: Dx Netops Spectrum
Vendor: CVE Published:; 12 January 2026

What is CVE-2025-69269?

An OS Command Injection vulnerability exists in Broadcom DX NetOps Spectrum for Windows and Linux platforms, allowing attackers to execute arbitrary commands on affected systems. This issue primarily affects versions 23.3.6 and earlier, exposing them to potential exploitation. Proper sanitization of user inputs is critical to prevent this type of security breach. It's essential for organizations using these versions to apply recommended patches and mitigate risks associated with this vulnerability.

Affected Version(s)

DX NetOps Spectrum Windows 23.3.6 and earlier

DX NetOps Spectrum Windows 23.3.7 and later

References

https://support.broadcom.com/web/ecx/support-content-noti...

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jan 12, 2026
Vulnerability Reserved
Dec 31, 2025

Credit

Jean-Michel Huguet and Jorge Escabias from NATO Cyber Security Centre

JSON