CVE-2025-22495

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Feb 24, 2025

CWE ID 20

Summary

CVE-2025-22495 is an input validation vulnerability affecting the NTP server configuration field of the Network-M2 card. If exploited by an authenticated high privileged user, this issue allows for the execution of arbitrary commands. The vulnerability has been addressed in version 3.0.4. However, it is important to note that Network-M2 has reached its end-of-life and Network-M3 should be considered as a suitable replacement.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2QVs_M
https://www.cve.org/CVERecord?id=CVE-2025-22495
https://nvd.nist.gov/vuln/detail/CVE-2025-22495

Back to Vulnerability Database

CVE-2025-22495

CVSS 3.1 Score 8.4 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations