Vulnerability Details CVE-2025-45835
A null pointer dereference vulnerability was discovered in Netis WF2880 v2.1.40207. The vulnerability exists in the FUN_004904c8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the environment variable value CONTENT_LENGTH, causing the program to crash and potentially leading to a denial-of-service (DoS) attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.0%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-45835
-
cpe:2.3:h:netis-systems:wf2880:-
-
cpe:2.3:o:netis-systems:wf2880_firmware:2.1.40207