
    3 vulnerabilities found for EnShare IoT Gigabit Cloud Service by EnGenius

    VAR-201707-1348

    Vulnerability from variot - Updated: 2025-11-21 23:24

    An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC. ESR300 firmware, ESR350 firmware, ESR600 firmware, etc. may be put into a denial-of-service (DoS) state. EnGenius EnShare is a USB media storage sharing application. The vulnerability allows an attacker to execute arbitrary code. With the EnGenius IoT Gigabit Routers and the free EnShare app, you can use your iPhone, iPad or Android-based tablet or smartphone to transfer video, music and other files to and from a router-attached USB hard drive. The EnShare feature lets you access media content stored on a USB hard drive connected to the router's USB port, both at home and, when you have Internet access, away from home.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201707-1348",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.0.23"
          },
          {
            "model": "esr350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.5"
          },
          {
            "model": "esr300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.7"
          },
          {
            "model": "esr1200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.1"
          },
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.5"
          },
          {
            "model": "esr300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.1.28"
          },
          {
            "model": "esr1750",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.1.0"
          },
          {
            "model": "esr900",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.2.2.23"
          },
          {
            "model": "esr900",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.1.26"
          },
          {
            "model": "esr900",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.5.18"
          },
          {
            "model": "esr1750",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.0"
          },
          {
            "model": "esr350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.11"
          },
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.1.63"
          },
          {
            "model": "esr350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.9"
          },
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.11"
          },
          {
            "model": "esr900",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.3"
          },
          {
            "model": "esr350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.1.41"
          },
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.9"
          },
          {
            "model": "esr1200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.1.0"
          },
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.2.1.46"
          },
          {
            "model": "esr1750",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.0"
          },
          {
            "model": "esr300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.0"
          },
          {
            "model": "esr350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.2"
          },
          {
            "model": "esr1750",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.5"
          },
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.3"
          },
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.1.0.50"
          },
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.2"
          },
          {
            "model": "esr300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.1.42"
          },
          {
            "model": "esr600",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.1"
          },
          {
            "model": "epg5000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.2.0"
          },
          {
            "model": "epg5000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.3.17"
          },
          {
            "model": "esr1750",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.1.34"
          },
          {
            "model": "epg5000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.3"
          },
          {
            "model": "esr1200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.5"
          },
          {
            "model": "epg5000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.2"
          },
          {
            "model": "esr300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.1.0.28"
          },
          {
            "model": "esr900",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.0"
          },
          {
            "model": "esr900",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.1.0"
          },
          {
            "model": "esr300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.9"
          },
          {
            "model": "esr1750",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.2.2.27"
          },
          {
            "model": "esr1200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.1.34"
          },
          {
            "model": "esr1750",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.3"
          },
          {
            "model": "epg5000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.9.21"
          },
          {
            "model": "epg5000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.0"
          },
          {
            "model": "esr300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.2"
          },
          {
            "model": "epg5000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.3.7.20"
          },
          {
            "model": "esr350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.1.0.29"
          },
          {
            "model": "esr900",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.0"
          },
          {
            "model": "esr1750",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.1"
          },
          {
            "model": "esr900",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.5"
          },
          {
            "model": "esr350",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.0"
          },
          {
            "model": "esr1200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "engeniustech",
            "version": "1.4.3"
          },
          {
            "model": "epg5000",
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": "esr1200",
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": "esr600",
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": "esr350",
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": "esr300",
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": "esr1750",
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": "esr900",
            "scope": null,
            "trust": 0.8,
            "vendor": "engenius",
            "version": null
          },
          {
            "model": "enshare iot gigabit cloud service",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "engenius",
            "version": "1.4.11"
          },
          {
            "model": "enshare iot gigabit cloud service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "engenius",
            "version": "1.1.0)"
          },
          {
            "model": "enshare iot gigabit cloud service",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "engenius",
            "version": "1.1.0.28)"
          },
          {
            "model": "enshare iot gigabit cloud service",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "engenius",
            "version": "1.1.0.29)"
          },
          {
            "model": "enshare iot gigabit cloud service",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "engenius",
            "version": "1.1.0.50)"
          },
          {
            "model": "enshare iot gigabit cloud service",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "engenius",
            "version": "1.2.0)"
          }
        ],
        "sources": [
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-34035"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vulnerability discovered by Gjoko Krstic",
        "sources": [
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          }
        ],
        "trust": 0.1
      },
      "cve": "CVE-2025-34035",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-13571",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2025-34035",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2025-34035",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2025-34035",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "disclosure@vulncheck.com",
                "id": "CVE-2025-34035",
                "trust": 1.0,
                "value": "Critical"
              },
              {
                "author": "NVD",
                "id": "CVE-2025-34035",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-13571",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "ZSL",
                "id": "ZSL-2017-5413",
                "trust": 0.1,
                "value": "(5/5)"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-34035"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-34035"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. \u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC. ESR300 firmware, ESR350 firmware, ESR600 firmware etc. (DoS) It may be in a state. EnGenius Enshare is a USB media storage sharing application. Allows an attacker to exploit a vulnerability to execute arbitrary code. With the EnGenius IoT Gigabit Routers and free EnShare app, use your iPhone, iPad or Android-based tablet or smartphone to transfer video, music and other files to and from a router-attached USB hard drive. The EnShare feature allows you to access media content stored on a USB hard drive connected to the router\u0027s USB port in the home and when you are away from home when you have access to the Internet",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-34035"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          },
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          }
        ],
        "trust": 2.25
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.zeroscience.mk/codes/enshare_rce.txt",
            "trust": 0.1,
            "type": "poc"
          }
        ],
        "sources": [
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-34035",
            "trust": 2.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "42114",
            "trust": 2.5
          },
          {
            "db": "CXSECURITY",
            "id": "WLB-2017060050",
            "trust": 1.9
          },
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413",
            "trust": 1.9
          },
          {
            "db": "PACKETSTORM",
            "id": "142792",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-009848",
            "trust": 0.8
          },
          {
            "db": "EXPLOITDB",
            "id": "42114",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-13571",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-34035"
          }
        ]
      },
      "id": "VAR-201707-1348",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          }
        ],
        "trust": 1.2666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          }
        ]
      },
      "last_update_date": "2025-11-21T23:24:14.983000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate input confirmation (CWE-20) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": "OS Command injection (CWE-78) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-34035"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://cxsecurity.com/issue/wlb-2017060050"
          },
          {
            "trust": 1.8,
            "url": "https://vulncheck.com/advisories/engenius-enshare-iot-gigabit-cloud-service"
          },
          {
            "trust": 1.8,
            "url": "https://www.exploit-db.com/exploits/42114"
          },
          {
            "trust": 1.8,
            "url": "https://www.zeroscience.mk/en/vulnerabilities/zsl-2017-5413.php"
          },
          {
            "trust": 1.1,
            "url": "https://packetstormsecurity.com/files/142792"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-34035"
          },
          {
            "trust": 0.7,
            "url": "https://www.exploit-db.com/exploits/42114/"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127026"
          },
          {
            "trust": 0.1,
            "url": "https://www.engeniusnetworks.eu/downloads?field_file_type_tid=27\u0026amp;title=esr900"
          },
          {
            "trust": 0.1,
            "url": "https://www.engeniusnetworks.eu/downloads?field_file_type_tid=27\u0026amp;title=esr600"
          },
          {
            "trust": 0.1,
            "url": "https://www.engeniusnetworks.eu/downloads?field_file_type_tid=27\u0026amp;title=epg5000"
          },
          {
            "trust": 0.1,
            "url": "http://www.vfocus.net/art/20170606/13644.html"
          },
          {
            "trust": 0.1,
            "url": "https://badpackets.net/engenius-routers-found-in-mirai-like-botnet/"
          }
        ],
        "sources": [
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-34035"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-34035"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-06-04T00:00:00",
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          },
          {
            "date": "2017-07-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          },
          {
            "date": "2025-07-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          },
          {
            "date": "2025-06-24T01:15:24.763000",
            "db": "NVD",
            "id": "CVE-2025-34035"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-11T00:00:00",
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          },
          {
            "date": "2017-07-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-13571"
          },
          {
            "date": "2025-07-25T02:44:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          },
          {
            "date": "2025-11-20T22:15:56.183000",
            "db": "NVD",
            "id": "CVE-2025-34035"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OS command injection vulnerability in multiple EnGenius Technologies products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-009848"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Local/Remote,System Access",
        "sources": [
          {
            "db": "ZSL",
            "id": "ZSL-2017-5413"
          }
        ],
        "trust": 0.1
      }
    }

    CVE-2025-34035 (GCVE-0-2025-34035)

    Vulnerability from nvd – Published: 2025-06-24 01:00 – Updated: 2026-04-07 14:09 X_Known Exploited Vulnerability
    VLAI
    Title
    EnGenius EnShare IoT Gigabit Cloud Service Command Injection
    Summary
    An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC.
    SSVC
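    Exploitation: poc; Automatable: yes; Technical Impact: total (this SSVC assessment rates exploitation as proof-of-concept, while the record is tagged as a known exploited vulnerability and the summary cites observed exploitation)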
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor: EnGenius | Product: EnShare IoT Gigabit Cloud Service | Version: affected from 0 through 1.4.11 inclusive (semver)
    Date Public
    2017-06-04 00:00
    Credits
    Gjoko Krstic

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34035",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-24T13:30:44.337841Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-24T13:30:48.459Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Web Management Interface (usbinteract.cgi)"
              ],
              "product": "EnShare IoT Gigabit Cloud Service",
              "vendor": "EnGenius",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gjoko Krstic"
            }
          ],
          "datePublic": "2017-06-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
                }
              ],
              "value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:10.247Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/42114"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://packetstormsecurity.com/files/142792"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://cxsecurity.com/issue/WLB-2017060050"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/engenius-enshare-iot-gigabit-cloud-service"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "title": "EnGenius EnShare IoT Gigabit Cloud Service Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34035",
        "datePublished": "2025-06-24T01:00:23.862Z",
        "dateReserved": "2025-04-15T19:15:22.546Z",
        "dateUpdated": "2026-04-07T14:09:10.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34035 (GCVE-0-2025-34035)

    Vulnerability from cvelistv5 – Published: 2025-06-24 01:00 – Updated: 2026-04-07 14:09 X_Known Exploited Vulnerability
    VLAI
    Title
    EnGenius EnShare IoT Gigabit Cloud Service Command Injection
    Summary
    An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC.
    SSVC
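    Exploitation: poc; Automatable: yes; Technical Impact: total (this SSVC assessment rates exploitation as proof-of-concept, while the record is tagged as a known exploited vulnerability and the summary cites observed exploitation)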
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor: EnGenius | Product: EnShare IoT Gigabit Cloud Service | Version: affected from 0 through 1.4.11 inclusive (semver)
    Date Public
    2017-06-04 00:00
    Credits
    Gjoko Krstic

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34035",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-24T13:30:44.337841Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-24T13:30:48.459Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Web Management Interface (usbinteract.cgi)"
              ],
              "product": "EnShare IoT Gigabit Cloud Service",
              "vendor": "EnGenius",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gjoko Krstic"
            }
          ],
          "datePublic": "2017-06-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
                }
              ],
              "value": "An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:10.247Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5413.php"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/42114"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://packetstormsecurity.com/files/142792"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://cxsecurity.com/issue/WLB-2017060050"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/engenius-enshare-iot-gigabit-cloud-service"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "title": "EnGenius EnShare IoT Gigabit Cloud Service Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34035",
        "datePublished": "2025-06-24T01:00:23.862Z",
        "dateReserved": "2025-04-15T19:15:22.546Z",
        "dateUpdated": "2026-04-07T14:09:10.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }