CVE-2025-65883
Dec. 4, 2025, 8:16 p.m.
None
No Score
Description
A vulnerability has been identified in Genexis Platinum P4410 router (Firmware P4410-V2–1.41) that allows a local network attacker to achieve Remote Code Execution (RCE) with root privileges. The issue occurs due to improper session invalidation after administrator logout. When an administrator logs out, the session token remains valid. An attacker on the local network can reuse this stale token to send crafted requests via the router’s diagnostic endpoint, resulting in command execution as root.
Product(s) Impacted
| Vendor | Product | Versions |
|---|---|---|
| Genexis |
|
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
*CPE(s)
Affected systems and software identified for this CVE.
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| a | genexis | platinum_p4410 | P4410-V2–1.41 | / | / | / | / | / | / | / |
Tags
Timeline
Published: Dec. 4, 2025, 8:16 p.m.
Last Modified: Dec. 4, 2025, 8:16 p.m.
Last Modified: Dec. 4, 2025, 8:16 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.