GCVE - cpe:2.3:h:netis-systems:netis_wf-2404:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:netis-systems:netis_wf-2404:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Netis Systems (`672828a5-2e28-5c8f-b339-4984bcfc4393`)
Product	Netis Wf 2404 (`adc7c502-9ea5-5953-a9bc-4e8736647297`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-2921`	not_vulnerable	2026-06-03 15:00:26.870751	Netis WF-2404 passwd default password MEDIUM (6.4) A vulnerability classified as critical has been found in Netis WF-2404 1.1.124EN. Affected is an unknown function of the file /etc/passwd. The manipulation with the input Realtek leads to use of default password. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-03-28T18:00:12.428Z Updated: 2025-03-28T19:59:20.003Z Open on db.gcve.eu Reference links https://vuldb.com/?id.301896 https://vuldb.com/?ctiid.301896 https://vuldb.com/?submit.521038 https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-cont	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-2919`	not_vulnerable	2026-06-03 15:00:26.869706	Netis WF-2404 UART hardware allows activation of test or debug logic at runtime MEDIUM (6.8) A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-03-28T17:31:05.919Z Updated: 2025-03-28T17:42:25.648Z Open on db.gcve.eu Reference links https://vuldb.com/?id.301894 https://vuldb.com/?ctiid.301894 https://vuldb.com/?submit.521036 https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-with	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.