CVE-2025-22450
📋 TL;DR
This vulnerability in UD-LT2 firmware allows remote attackers to disable the LAN-side firewall and open specific ports through undocumented features. It affects UD-LT2 devices running firmware version 1.00.008_SE and earlier. Network administrators using these devices are at risk of unauthorized network access.
💻 Affected Systems
- IODATA UD-LT2
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete network compromise with attackers gaining unrestricted access to internal systems, data exfiltration, and lateral movement across the network.
Likely Case
Attackers bypass firewall protections to access internal services, potentially leading to data breaches or service disruption.
If Mitigated
Limited impact with proper network segmentation and monitoring, though firewall bypass still creates security gaps.
🎯 Exploit Status
Requires knowledge of undocumented features but no authentication needed once discovered.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Later than Ver.1.00.008_SE
Vendor Advisory: https://www.iodata.jp/support/information/2025/01_ud-lt2/
Restart Required: No
Instructions:
1. Access UD-LT2 web interface. 2. Navigate to firmware update section. 3. Download latest firmware from IODATA website. 4. Upload and apply firmware update. 5. Verify successful update.
🔧 Temporary Workarounds
Network Segmentation
allIsolate UD-LT2 devices in separate VLANs to limit potential damage if firewall is bypassed.
Access Control Lists
allImplement additional firewall rules on upstream devices to restrict traffic to UD-LT2.
🧯 If You Can't Patch
- Replace vulnerable devices with updated hardware or alternative solutions
- Implement strict network monitoring and intrusion detection for suspicious port activity
🔍 How to Verify
Check if Vulnerable:
Check firmware version in UD-LT2 web interface under System Information.Check Version:
No CLI command - check via web interface at System > Firmware InformationVerify Fix Applied:
Confirm firmware version is later than 1.00.008_SE and test firewall functionality.📡 Detection & Monitoring
Log Indicators:
- Unexpected firewall rule changes
- Unauthorized configuration modifications
- Port scanning from internal addresses
Network Indicators:
- Unexpected open ports on UD-LT2
- Traffic bypassing firewall rules
- Anomalous connection patterns
SIEM Query:
source="ud-lt2" AND (event_type="config_change" OR event_type="firewall_disable")