| TVN ID | TVN-202509005 |
|---|---|
| CVE ID | CVE-2025-10589 |
| CVSS | 8.8 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | Affected product: N-Reporter, N-Cloud, N-Probe Affected firmware version: For 6.x series, before 6.1.187(20250730-1734) For 7.x series, before 7.0.009(20250805-1505) Affected kernel version: before 20250811094737 |
| Description | The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server. |
| Solution | Firmware update: For 6.x series, please update to version 6.1.187(20250730-1734) or later For 7.x series, please update to version 7.0.009(20250805-1505) or later Kernel update: Please update to 20250811094737 or later The firmware and kernel must be updated synchronously to ensure that the patches take effect. |
| Credit | Linwz, Xin Yu Lin(DEVCORE) |
| Public Date | 2025-09-17 |
:::