FKIE_CVE-2025-3459

Vulnerability from fkie_nvd - Published: 2025-06-08 21:15 - Updated: 2025-06-09 19:15
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
The Quantenna Wi-Fi chipset ships with a local control script, transmit_file, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
References
cve@takeonme.orghttps://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices
cve@takeonme.orghttps://takeonme.org/cves/cve-2025-3459
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Quantenna Wi-Fi chipset ships with a local control script, transmit_file, that is vulnerable to command injection. This is an instance of CWE-88, \"Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027),\" and is estimated as a CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record\u0027s first publishing, though the vendor has released a best practices guide for implementors of this chipset."
    },
    {
      "lang": "es",
      "value": "El Chipset Quantenna Wi-Fi se entrega con un script de control local, transmit_file, vulnerable a la inyecci\u00f3n de comandos. Se trata de una instancia de CWE-88, \"Neutralizaci\u00f3n incorrecta de delimitadores de argumentos en un comando (\u0027Inyecci\u00f3n de argumentos\u0027)\", y se estima que es CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). Este problema afecta al chipset Quantenna Wi-Fi hasta la versi\u00f3n 8.0.0.28 del SDK m\u00e1s reciente y, al parecer, no se hab\u00eda corregido al momento de la publicaci\u00f3n inicial de este registro CVE, aunque el proveedor ha publicado una gu\u00eda de pr\u00e1cticas recomendadas para los implementadores de este chipset."
    }
  ],
  "id": "CVE-2025-3459",
  "lastModified": "2025-06-09T19:15:24.707",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 5.2,
        "source": "cve@takeonme.org",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-06-08T21:15:32.770",
  "references": [
    {
      "source": "cve@takeonme.org",
      "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices"
    },
    {
      "source": "cve@takeonme.org",
      "url": "https://takeonme.org/cves/cve-2025-3459"
    }
  ],
  "sourceIdentifier": "cve@takeonme.org",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "cve@takeonme.org",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.