{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T17:54:53.879","vulnerabilities":[{"cve":{"id":"CVE-2025-34035","sourceIdentifier":"disclosure@vulncheck.com","published":"2025-06-24T01:15:24.763","lastModified":"2025-11-20T22:15:56.183","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."},{"lang":"es","value":"Existe una vulnerabilidad de inyección de comandos del sistema operativo en EnGenius EnShare Cloud Service versión 1.4.11 y anteriores. El script usbinteract.cgi no depura correctamente la entrada del usuario enviada al parámetro path, lo que permite a atacantes remotos no autenticados inyectar comandos de shell arbitrarios. Los comandos inyectados se ejecutan con privilegios de root, lo que compromete por completo el sistema."}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr300_firmware:1.1.0.28:*:*:*:*:*:*:*","matchCriteriaId":"01334F44-2F36-4809-9087-21B9459FD71E"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr300_firmware:1.3.1.42:*:*:*:*:*:*:*","matchCriteriaId":"915E0D9B-A924-4AE8-B837-57CB4F4ACB22"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr300_firmware:1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"B9C44CC9-6F20-4B99-AE68-C1E526233DF9"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr300_firmware:1.4.1.28:*:*:*:*:*:*:*","matchCriteriaId":"521FF3A0-8FA4-4A59-B00C-F0DEC4A4E778"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr300_firmware:1.4.2:*:*:*:*:*:*:*","matchCriteriaId":"FC3398A7-2BBD-4FDC-AA00-196563220F81"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr300_firmware:1.4.7:*:*:*:*:*:*:*","matchCriteriaId":"FA1E3718-B4C2-49F4-83BA-4CB05BB5108C"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr300_firmware:1.4.9:*:*:*:*:*:*:*","matchCriteriaId":"FEF34250-F996-403E-9CFC-AC2F9496B9D3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:engeniustech:esr300:-:*:*:*:*:*:*:*","matchCriteriaId":"D2FFE521-B6A9-4070-A91B-FDB1BD0FBD46"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr350_firmware:1.1.0.29:*:*:*:*:*:*:*","matchCriteriaId":"38901E90-6040-48B9-B4BC-B0367DAD2C88"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr350_firmware:1.3.1.41:*:*:*:*:*:*:*","matchCriteriaId":"19636B66-7BC4-4BED-B9B0-56B30E196A79"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr350_firmware:1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"BDEE977B-876B-4870-9F95-58117BB77617"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr350_firmware:1.4.2:*:*:*:*:*:*:*","matchCriteriaId":"E9EAE034-F08E-4B1D-A57F-071870F47C10"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr350_firmware:1.4.5:*:*:*:*:*:*:*","matchCriteriaId":"DB0400F1-CD4B-4256-BCEB-202495D48F4E"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr350_firmware:1.4.9:*:*:*:*:*:*:*","matchCriteriaId":"F9ED2DCF-59BE-4390-9804-AE8BA333BA7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr350_firmware:1.4.11:*:*:*:*:*:*:*","matchCriteriaId":"C1D7124D-153D-4DC5-8B74-567A998B6590"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:engeniustech:esr350:-:*:*:*:*:*:*:*","matchCriteriaId":"641FE70C-9DE5-436F-A23F-72A38DB4A282"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.1.0.50:*:*:*:*:*:*:*","matchCriteriaId":"E540691D-3D97-49B8-8E20-C962093946CE"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.2.1.46:*:*:*:*:*:*:*","matchCriteriaId":"9EA691B6-BAC5-4D6A-9AEB-29D9B2539DD1"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.3.1.63:*:*:*:*:*:*:*","matchCriteriaId":"90661049-6B4F-4867-A319-AC72B1725B70"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.4.0.23:*:*:*:*:*:*:*","matchCriteriaId":"107428B5-06A6-4F4E-B351-4B465D1B83AF"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.4.1:*:*:*:*:*:*:*","matchCriteriaId":"7ACF9999-3B5D-47BB-8C7F-EE8374F202A7"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.4.2:*:*:*:*:*:*:*","matchCriteriaId":"56D33DE8-4679-4FF1-90B1-FDCE26760347"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.4.3:*:*:*:*:*:*:*","matchCriteriaId":"D65AB145-B93F-4432-9123-78C5A910023C"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.4.5:*:*:*:*:*:*:*","matchCriteriaId":"E783F09C-5698-4CA2-88B6-1BA08D854E6B"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.4.9:*:*:*:*:*:*:*","matchCriteriaId":"968F3619-0904-4866-A3BA-DC8973CC3342"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr600_firmware:1.4.11:*:*:*:*:*:*:*","matchCriteriaId":"A64D257F-E3C0-40EB-993B-411779EFC161"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:engeniustech:esr600:-:*:*:*:*:*:*:*","matchCriteriaId":"D6FD4A2C-A954-42E1-AA5F-1079DF273FE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr900_firmware:1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"EE33B9D9-C987-4ED4-9074-CB9309428005"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr900_firmware:1.2.2.23:*:*:*:*:*:*:*","matchCriteriaId":"95869E44-9D11-4DD8-A73D-2A1BEEA491C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr900_firmware:1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"6CD2F563-3CF7-4389-814F-0252EE15BA26"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr900_firmware:1.3.1.26:*:*:*:*:*:*:*","matchCriteriaId":"F78A7329-9DAA-4DCF-AF4A-3CC463B2BC39"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr900_firmware:1.3.5.18:*:*:*:*:*:*:*","matchCriteriaId":"12AD6D11-7D52-4A3B-8DA5-C1DB68C38760"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr900_firmware:1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"537C5026-73D5-4BAC-A373-FC05F2A4A2EA"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr900_firmware:1.4.3:*:*:*:*:*:*:*","matchCriteriaId":"99F37AD1-9A0F-439B-9D37-EA94346A5A20"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr900_firmware:1.4.5:*:*:*:*:*:*:*","matchCriteriaId":"EEAE5096-DF1D-40EB-B1BB-ECFEBF40E130"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:engeniustech:esr900:-:*:*:*:*:*:*:*","matchCriteriaId":"2A260CFC-3B18-4541-806E-94EE562395E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1200_firmware:1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"A0EA408E-F053-4246-92B5-B020CCB15413"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1200_firmware:1.3.1.34:*:*:*:*:*:*:*","matchCriteriaId":"451C1304-51D1-4203-A0B9-48B9D4C74B0A"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1200_firmware:1.4.1:*:*:*:*:*:*:*","matchCriteriaId":"6424BADD-EC23-4A33-89CE-8AF72CB18E28"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1200_firmware:1.4.3:*:*:*:*:*:*:*","matchCriteriaId":"92865DE7-A769-4E39-9EE0-AA7F2D46534E"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1200_firmware:1.4.5:*:*:*:*:*:*:*","matchCriteriaId":"C9F8C66F-0E8D-404C-BCA9-F026F95BD7FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:engeniustech:esr1200:-:*:*:*:*:*:*:*","matchCriteriaId":"5CE751B7-2530-4CBE-A00A-1F8C13F84834"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1750_firmware:1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"D44C246A-DFBB-484D-ABA3-CCA289C6978D"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1750_firmware:1.2.2.27:*:*:*:*:*:*:*","matchCriteriaId":"E33B9DF5-9719-48C1-BE50-FDED6F8FF566"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1750_firmware:1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"7E1D4CFD-DE05-45B7-ACF7-00C10EF178BD"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1750_firmware:1.3.1.34:*:*:*:*:*:*:*","matchCriteriaId":"F44CDC69-8350-45B3-9769-1C0A284E8FB1"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1750_firmware:1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"C18597C4-9AEE-4FAC-9249-CD68AC7C84C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1750_firmware:1.4.1:*:*:*:*:*:*:*","matchCriteriaId":"EF84C882-9982-4334-8C05-1CA80420E700"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1750_firmware:1.4.3:*:*:*:*:*:*:*","matchCriteriaId":"66B26B28-E5C4-4F74-84CD-3C8B620997BE"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:esr1750_firmware:1.4.5:*:*:*:*:*:*:*","matchCriteriaId":"3E0113B2-E5DA-493A-8CBF-08CC7C1A34E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:engeniustech:esr1750:-:*:*:*:*:*:*:*","matchCriteriaId":"5CC87617-AB00-416A-BC73-ABBDD4A95AA9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:epg5000_firmware:1.2.0:*:*:*:*:*:*:*","matchCriteriaId":"C5E0C5F9-8859-483A-A7F5-55809BA3F4AE"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:epg5000_firmware:1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"40601E1E-3C80-4BCF-B92A-ACD058097CEB"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:epg5000_firmware:1.3.2:*:*:*:*:*:*:*","matchCriteriaId":"40402302-F6EE-4EA1-9925-991437978547"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:epg5000_firmware:1.3.3:*:*:*:*:*:*:*","matchCriteriaId":"A29F0E0C-17AF-4664-B0D5-EB3FD8DF6F1F"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:epg5000_firmware:1.3.3.17:*:*:*:*:*:*:*","matchCriteriaId":"FF9D19CA-343D-4825-903C-7FD013492613"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:epg5000_firmware:1.3.7.20:*:*:*:*:*:*:*","matchCriteriaId":"C5461F8A-9A98-4D99-AF72-FE52CDEE7FF2"},{"vulnerable":true,"criteria":"cpe:2.3:o:engeniustech:epg5000_firmware:1.3.9.21:*:*:*:*:*:*:*","matchCriteriaId":"CF1E429B-4ED5-497F-926B-F8A876FC6D0D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:engeniustech:epg5000:-:*:*:*:*:*:*:*","matchCriteriaId":"5D2D55FB-BF65-4201-9583-07B7C514664D"}]}]}],"references":[{"url":"https://cxsecurity.com/issue/WLB-2017060050","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://packetstormsecurity.com/files/142792","source":"disclosure@vulncheck.com","tags":["Broken Link"]},{"url":"https://vulncheck.com/advisories/engenius-enshare-iot-gigabit-cloud-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/42114","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}}]}