CVE-2025-8890

UNKNOWN 0.0

Authenticated RCE in SDMC NE6037 router

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks. In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports.

CWE	CWE-78
Vendor	sdmc
Product	ne6037
Published	Nov 27, 2025
Last Updated	Mar 18, 2026

Stay Ahead of the Next One

Get instant alerts for sdmc ne6037

Be the first to know when new unknown vulnerabilities affecting sdmc ne6037 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

SDMC / NE6037

0 < 7.1.12.2.44

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cert.pl: https://cert.pl/en/posts/2025/11/CVE-2025-8890 securitum.com: https://www.securitum.com/cve-2025-8890.html

Credits

Grzegorz Bronka (Securitum.pl)