{"vulnerability": "cve-2025-4121", "sightings": [{"uuid": "c9edf565-a2e3-4f74-af0c-471f4b8d85c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4121", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14039", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4121\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been declared as critical. Affected by this vulnerability is the function cmd_wireless. The manipulation of the argument host leads to command injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-04-30T14:00:07.565Z\n\ud83d\udccf Modified: 2025-04-30T14:00:07.565Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.306601\n2. https://vuldb.com/?ctiid.306601\n3. https://vuldb.com/?submit.560775\n4. https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_JWNR2000v2/Command_injection-cmd_wireless-port_phy_set/README.md\n5. https://www.netgear.com/", "creation_timestamp": "2025-04-30T14:13:04.000000Z"}, {"uuid": "85278da7-ed1f-4e5e-b2f9-3ba1b071eba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4121", "type": "seen", "source": "https://t.me/cvedetector/24119", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4121 - Netgear JWNR2000v2 Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4121 \nPublished : April 30, 2025, 2:15 p.m. | 1\u00a0hour, 29\u00a0minutes ago \nDescription : A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been declared as critical. Affected by this vulnerability is the function cmd_wireless. The manipulation of the argument host leads to command injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-30T17:55:21.000000Z"}]}