CVE-2025-26055
📋 TL;DR
This CVE describes an OS command injection vulnerability in the Infinxt iEdge 100 router's Troubleshoot module. Attackers can execute arbitrary commands on the device by injecting malicious input into the tracertVal parameter. This affects organizations using Infinxt iEdge 100 routers with the vulnerable firmware version.
💻 Affected Systems
- Infinxt iEdge 100
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise allowing attackers to execute arbitrary commands with router privileges, potentially gaining persistent access, intercepting network traffic, or using the device as a pivot point into internal networks.
Likely Case
Unauthenticated attackers executing commands to disrupt network services, modify router configurations, or install malware on the device.
If Mitigated
Limited impact if network segmentation isolates the router and command execution is restricted through proper input validation.
🎯 Exploit Status
The GitHub reference contains proof-of-concept exploit code demonstrating command injection via the tracertVal parameter.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: Unknown
Restart Required: No
Instructions:
No official patch is available. Monitor the vendor website for security updates. Consider workarounds or replacement if the vendor doesn't provide a timely fix.
🔧 Temporary Workarounds
Disable Troubleshoot Module
Disable or restrict access to the vulnerable Troubleshoot module in the web interface.
Network Access Control
Restrict access to the router's web interface to trusted IP addresses only.
🧯 If You Can't Patch
- Isolate the router in a dedicated network segment with strict firewall rules
- Implement network monitoring for suspicious command execution attempts
🔍 How to Verify
Check if Vulnerable:
Check if your Infinxt iEdge 100 router is running version 2.1.32. If so, it is vulnerable.
Check Version:
Check the web interface's System Information page or use vendor-specific CLI commands if available.
Verify Fix Applied:
Verify the router firmware version has been updated to a version later than 2.1.32.
📡 Detection & Monitoring
Log Indicators:
- Unusual command execution in system logs
- Multiple failed tracert attempts with suspicious parameters
- Web interface access from unexpected sources
Network Indicators:
- Unusual outbound connections from the router
- Traffic patterns suggesting command and control activity
SIEM Query:
Search for web requests containing suspicious characters in the tracertVal parameter (semicolons, pipes, ampersands, etc.)
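The search described above, sketched as an added example (not code from the vendor or from the CVE reference). It assumes the tracertVal parameter appears in the request URI of Common Log Format lines, for instance from a reverse proxy in front of the router; the path `/troubleshoot-placeholder` and the log lines are constructed placeholders.

```python
import re
from urllib.parse import unquote_plus

# Metacharacters named above (semicolons, pipes, ampersands) plus other
# common shell separators and substitution syntax.
SHELL_META = re.compile(r"[;|&`$(){}<>\r\n]")
# A traceroute target should look like a hostname or an IP literal.
SAFE_TARGET = re.compile(r"[A-Za-z0-9:][A-Za-z0-9.:-]{0,252}")
# Common Log Format: client address first, request line in double quotes.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')
PARAM = re.compile(r"[?&]tracertVal=([^&#]*)")

# Constructed sample lines; path and addresses are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] "GET /troubleshoot-placeholder?tracertVal=example.com HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2025:10:01:00 +0000] "GET /troubleshoot-placeholder?tracertVal=192.0.2.1%3Bid HTTP/1.1" 200 87',
    '198.51.100.7 - - [01/Jan/2025:10:02:00 +0000] "GET /troubleshoot-placeholder?tracertVal=192.0.2.1%257Cid HTTP/1.1" 200 87',
    '192.0.2.10 - - [01/Jan/2025:10:03:00 +0000] "GET /troubleshoot-placeholder?tracertVal=example.com+-n HTTP/1.1" 200 512',
]

def decode(raw, rounds=2):
    """URL-decode twice so double-encoded metacharacters are not missed."""
    for _ in range(rounds):
        raw = unquote_plus(raw)
    return raw

def check_line(line):
    """Return (client, decoded_value, reason) for a suspicious tracertVal, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    client, uri = m.groups()
    for raw in PARAM.findall(uri):
        value = decode(raw)
        if SHELL_META.search(value):
            return (client, value, "shell metacharacter")
        if not SAFE_TARGET.fullmatch(value):
            return (client, value, "not a hostname or IP")
    return None

def scan(lines):
    """Collect every flagged request from an iterable of log lines."""
    return [hit for hit in map(check_line, lines) if hit]

if __name__ == "__main__":
    for client, value, reason in scan(SAMPLE_LOG):
        print(f"{client}\t{reason}\t{value!r}")
```

The allowlist check catches values that carry no listed metacharacter but still are not a plain traceroute target, such as a space followed by an extra option.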