
3 vulnerabilities found for EnShare IoT Gigabit Cloud Service by EnGenius

VAR-201707-1348

Vulnerability from variot - Updated: 2025-11-21 23:24

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC. Affected products include ESR300 firmware, ESR350 firmware, ESR600 firmware, and others; an affected device may be put into a denial-of-service (DoS) state. EnGenius EnShare is a USB media storage sharing application. An attacker can exploit the vulnerability to execute arbitrary code. With the EnGenius IoT Gigabit Routers and the free EnShare app, you can use an iPhone, iPad or Android-based tablet or smartphone to transfer video, music and other files to and from a router-attached USB hard drive. The EnShare feature lets you access media content stored on a USB hard drive connected to the router's USB port, both at home and, when you have Internet access, away from home.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201707-1348",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.0.23"
      },
      {
        "model": "esr350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.5"
      },
      {
        "model": "esr300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.7"
      },
      {
        "model": "esr1200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.1"
      },
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.5"
      },
      {
        "model": "esr300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.1.28"
      },
      {
        "model": "esr1750",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.1.0"
      },
      {
        "model": "esr900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.2.2.23"
      },
      {
        "model": "esr900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.1.26"
      },
      {
        "model": "esr900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.5.18"
      },
      {
        "model": "esr1750",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.0"
      },
      {
        "model": "esr350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.11"
      },
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.1.63"
      },
      {
        "model": "esr350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.9"
      },
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.11"
      },
      {
        "model": "esr900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.3"
      },
      {
        "model": "esr350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.1.41"
      },
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.9"
      },
      {
        "model": "esr1200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.1.0"
      },
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.2.1.46"
      },
      {
        "model": "esr1750",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.0"
      },
      {
        "model": "esr300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.0"
      },
      {
        "model": "esr350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.2"
      },
      {
        "model": "esr1750",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.5"
      },
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.3"
      },
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.1.0.50"
      },
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.2"
      },
      {
        "model": "esr300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.1.42"
      },
      {
        "model": "esr600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.1"
      },
      {
        "model": "epg5000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.2.0"
      },
      {
        "model": "epg5000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.3.17"
      },
      {
        "model": "esr1750",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.1.34"
      },
      {
        "model": "epg5000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.3"
      },
      {
        "model": "esr1200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.5"
      },
      {
        "model": "epg5000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.2"
      },
      {
        "model": "esr300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.1.0.28"
      },
      {
        "model": "esr900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.0"
      },
      {
        "model": "esr900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.1.0"
      },
      {
        "model": "esr300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.9"
      },
      {
        "model": "esr1750",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.2.2.27"
      },
      {
        "model": "esr1200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.1.34"
      },
      {
        "model": "esr1750",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.3"
      },
      {
        "model": "epg5000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.9.21"
      },
      {
        "model": "epg5000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.0"
      },
      {
        "model": "esr300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.2"
      },
      {
        "model": "epg5000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.3.7.20"
      },
      {
        "model": "esr350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.1.0.29"
      },
      {
        "model": "esr900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.0"
      },
      {
        "model": "esr1750",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.1"
      },
      {
        "model": "esr900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.5"
      },
      {
        "model": "esr350",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.0"
      },
      {
        "model": "esr1200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "engeniustech",
        "version": "1.4.3"
      },
      {
        "model": "epg5000",
        "scope": null,
        "trust": 0.8,
        "vendor": "engenius",
        "version": null
      },
      {
        "model": "esr1200",
        "scope": null,
        "trust": 0.8,
        "vendor": "engenius",
        "version": null
      },
      {
        "model": "esr600",
        "scope": null,
        "trust": 0.8,
        "vendor": "engenius",
        "version": null
      },
      {
        "model": "esr350",
        "scope": null,
        "trust": 0.8,
        "vendor": "engenius",
        "version": null
      },
      {
        "model": "esr300",
        "scope": null,
        "trust": 0.8,
        "vendor": "engenius",
        "version": null
      },
      {
        "model": "esr1750",
        "scope": null,
        "trust": 0.8,
        "vendor": "engenius",
        "version": null
      },
      {
        "model": "esr900",
        "scope": null,
        "trust": 0.8,
        "vendor": "engenius",
        "version": null
      },
      {
        "model": "enshare iot gigabit cloud service",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "engenius",
        "version": "1.4.11"
      },
      {
        "model": "enshare iot gigabit cloud service",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "engenius",
        "version": "1.1.0)"
      },
      {
        "model": "enshare iot gigabit cloud service",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "engenius",
        "version": "1.1.0.28)"
      },
      {
        "model": "enshare iot gigabit cloud service",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "engenius",
        "version": "1.1.0.29)"
      },
      {
        "model": "enshare iot gigabit cloud service",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "engenius",
        "version": "1.1.0.50)"
      },
      {
        "model": "enshare iot gigabit cloud service",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "engenius",
        "version": "1.2.0)"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-34035"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability discovered by Gjoko Krstic",
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      }
    ],
    "trust": 0.1
  },
  "cve": "CVE-2025-34035",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-13571",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2025-34035",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2025-34035",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2025-34035",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "disclosure@vulncheck.com",
            "id": "CVE-2025-34035",
            "trust": 1.0,
            "value": "Critical"
          },
          {
            "author": "NVD",
            "id": "CVE-2025-34035",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-13571",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "ZSL",
            "id": "ZSL-2017-5413",
            "trust": 0.1,
            "value": "(5/5)"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-34035"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-34035"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. \u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC. ESR300 firmware, ESR350 firmware, ESR600 firmware etc. (DoS) It may be in a state. EnGenius Enshare is a USB media storage sharing application. Allows an attacker to exploit a vulnerability to execute arbitrary code. With the EnGenius IoT Gigabit Routers and free EnShare app, use your iPhone, iPad or Android-based tablet or smartphone to transfer video, music and other files to and from a router-attached USB hard drive. The EnShare feature allows you to access media content stored on a USB hard drive connected to the router\u0027s USB port in the home and when you are away from home when you have access to the Internet",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2025-34035"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      },
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      }
    ],
    "trust": 2.25
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.zeroscience.mk/codes/enshare_rce.txt",
        "trust": 0.1,
        "type": "poc"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2025-34035",
        "trust": 2.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "42114",
        "trust": 2.5
      },
      {
        "db": "CXSECURITY",
        "id": "WLB-2017060050",
        "trust": 1.9
      },
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413",
        "trust": 1.9
      },
      {
        "db": "PACKETSTORM",
        "id": "142792",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009848",
        "trust": 0.8
      },
      {
        "db": "EXPLOITDB",
        "id": "42114",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-13571",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-34035"
      }
    ]
  },
  "id": "VAR-201707-1348",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      }
    ],
    "trust": 1.2666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      }
    ]
  },
  "last_update_date": "2025-11-21T23:24:14.983000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.0
      },
      {
        "problemtype": "Inappropriate input confirmation (CWE-20) [ others ]",
        "trust": 0.8
      },
      {
        "problemtype": "OS Command injection (CWE-78) [ others ]",
        "trust": 0.8
      },
      {
        "problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-34035"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://cxsecurity.com/issue/wlb-2017060050"
      },
      {
        "trust": 1.8,
        "url": "https://vulncheck.com/advisories/engenius-enshare-iot-gigabit-cloud-service"
      },
      {
        "trust": 1.8,
        "url": "https://www.exploit-db.com/exploits/42114"
      },
      {
        "trust": 1.8,
        "url": "https://www.zeroscience.mk/en/vulnerabilities/zsl-2017-5413.php"
      },
      {
        "trust": 1.1,
        "url": "https://packetstormsecurity.com/files/142792"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2025-34035"
      },
      {
        "trust": 0.7,
        "url": "https://www.exploit-db.com/exploits/42114/"
      },
      {
        "trust": 0.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127026"
      },
      {
        "trust": 0.1,
        "url": "https://www.engeniusnetworks.eu/downloads?field_file_type_tid=27\u0026amp;title=esr900"
      },
      {
        "trust": 0.1,
        "url": "https://www.engeniusnetworks.eu/downloads?field_file_type_tid=27\u0026amp;title=esr600"
      },
      {
        "trust": 0.1,
        "url": "https://www.engeniusnetworks.eu/downloads?field_file_type_tid=27\u0026amp;title=epg5000"
      },
      {
        "trust": 0.1,
        "url": "http://www.vfocus.net/art/20170606/13644.html"
      },
      {
        "trust": 0.1,
        "url": "https://badpackets.net/engenius-routers-found-in-mirai-like-botnet/"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-34035"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      },
      {
        "db": "NVD",
        "id": "CVE-2025-34035"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-06-04T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      },
      {
        "date": "2017-07-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      },
      {
        "date": "2025-07-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      },
      {
        "date": "2025-06-24T01:15:24.763000",
        "db": "NVD",
        "id": "CVE-2025-34035"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-02-11T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      },
      {
        "date": "2017-07-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-13571"
      },
      {
        "date": "2025-07-25T02:44:00",
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      },
      {
        "date": "2025-11-20T22:15:56.183000",
        "db": "NVD",
        "id": "CVE-2025-34035"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0EnGenius\u00a0Technologies\u00a0 In the product \u00a0OS\u00a0 Command injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-009848"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Local/Remote,System Access",
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2017-5413"
      }
    ],
    "trust": 0.1
  }
}

CVE-2025-34035 (GCVE-0-2025-34035)

Vulnerability from nvd – Published: 2025-06-24 01:00 – Updated: 2025-11-20 21:15 X_Known Exploited Vulnerability
Title
EnGenius EnShare IoT Gigabit Cloud Service Command Injection
Summary
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC.
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
Vendor: EnGenius
Product: EnShare IoT Gigabit Cloud Service
Version: Affected from 0 through 1.4.11 inclusive (semver)
Credits
Gjoko Krstic

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-34035",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-24T13:30:44.337841Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-24T13:30:48.459Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Web Management Interface (usbinteract.cgi)"
          ],
          "product": "EnShare IoT Gigabit Cloud Service",
          "vendor": "EnGenius",
          "versions": [
            {
              "lessThanOrEqual": "1.4.11",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Gjoko Krstic"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
            }
          ],
          "value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T21:15:28.292Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory",
            "exploit"
          ],
          "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
        },
        {
          "tags": [
            "third-party-advisory",
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/42114"
        },
        {
          "tags": [
            "third-party-advisory",
            "exploit"
          ],
          "url": "https://packetstormsecurity.com/files/142792"
        },
        {
          "tags": [
            "third-party-advisory",
            "exploit"
          ],
          "url": "https://cxsecurity.com/issue/WLB-2017060050"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vulncheck.com/advisories/engenius-enshare-iot-gigabit-cloud-service"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "tags": [
        "x_known-exploited-vulnerability"
      ],
      "title": "EnGenius EnShare IoT Gigabit Cloud Service Command Injection",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2025-34035",
    "datePublished": "2025-06-24T01:00:23.862Z",
    "dateReserved": "2025-04-15T19:15:22.546Z",
    "dateUpdated": "2025-11-20T21:15:28.292Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-34035 (GCVE-0-2025-34035)

Vulnerability from cvelistv5 – Published: 2025-06-24 01:00 – Updated: 2025-11-20 21:15 – Tag: X_Known Exploited Vulnerability
Title
EnGenius EnShare IoT Gigabit Cloud Service Command Injection
Summary
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC.
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
Vendor: EnGenius
Product: EnShare IoT Gigabit Cloud Service
Version: Affected from 0 through 1.4.11 inclusive (semver)
Credits
Gjoko Krstic

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-34035",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-24T13:30:44.337841Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-24T13:30:48.459Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Web Management Interface (usbinteract.cgi)"
          ],
          "product": "EnShare IoT Gigabit Cloud Service",
          "vendor": "EnGenius",
          "versions": [
            {
              "lessThanOrEqual": "1.4.11",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Gjoko Krstic"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
            }
          ],
          "value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T21:15:28.292Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory",
            "exploit"
          ],
          "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
        },
        {
          "tags": [
            "third-party-advisory",
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/42114"
        },
        {
          "tags": [
            "third-party-advisory",
            "exploit"
          ],
          "url": "https://packetstormsecurity.com/files/142792"
        },
        {
          "tags": [
            "third-party-advisory",
            "exploit"
          ],
          "url": "https://cxsecurity.com/issue/WLB-2017060050"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vulncheck.com/advisories/engenius-enshare-iot-gigabit-cloud-service"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "tags": [
        "x_known-exploited-vulnerability"
      ],
      "title": "EnGenius EnShare IoT Gigabit Cloud Service Command Injection",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2025-34035",
    "datePublished": "2025-06-24T01:00:23.862Z",
    "dateReserved": "2025-04-15T19:15:22.546Z",
    "dateUpdated": "2025-11-20T21:15:28.292Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}