Cyber Resilience

CVE-2025-13797

Low · Public PoC

Published: 01 December 2025
Modified: 29 April 2026
KEV Added
Patch
CVSS Score v4: 2.1 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0030 (54.0th percentile)
Risk Priority: 4 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-13797 is a low-severity Injection (CWE-74) vulnerability in Adslr B-Qe2W401 Firmware. Its CVSS base score is 2.1 (Low).

Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004). The CVE ranks in the top 46.0% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

A vulnerability has been identified in the ADSLR B-QE2W401 firmware version 250814-r037c. The issue resides in the parameterdel_swifimac function within the /send_order.cgi file, where improper handling of the del_swifimac argument enables command injection. The flaw is tracked under CWE-74 and CWE-77, carries a CVSS 4.0 score of 2.1, and can be triggered remotely without user interaction.

An authenticated remote attacker can supply crafted input to the affected parameter and execute arbitrary commands on the device. Successful exploitation yields limited impacts to confidentiality, integrity, and availability on the target system. The vendor did not respond to early disclosure notification, and a public exploit is now available.

EPSS probability for this CVE rose from a low baseline to a peak of 0.0143 on 2025-12-11 before receding to the current value of 0.0030, indicating a temporary increase in observed exploitation interest after public disclosure.

Vulnerability details

A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdel_swifimac of the file /send_order.cgi. Manipulation of the argument del_swifimac results in command injection. The attack can be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1059.004 Unix Shell (Execution)
Adversaries may abuse Unix shell commands and scripts for execution.
T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1202 Indirect Command Execution (Stealth)
Adversaries may abuse utilities that allow for command execution to bypass security restrictions that limit the use of command-line interpreters.

Why these techniques?

Command injection in the web CGI script (/send_order.cgi) allows remote unauthenticated arbitrary command execution, enabling exploitation of a public-facing application (T1190), Unix Shell execution (T1059.004), and indirect command execution (T1202), as noted in the advisory.

CVEs Like This One

CVE-2025-13800 (same product: Adslr B-Qe2W401)
CVE-2025-13798 (same product: Adslr B-Qe2W401)
CVE-2025-13799 (same product: Adslr B-Qe2W401)
CVE-2025-7932 (shared CWE-74, CWE-77)
CVE-2025-9583 (shared CWE-74, CWE-77)
CVE-2025-9581 (shared CWE-74, CWE-77)
CVE-2025-14705 (shared CWE-74, CWE-77)
CVE-2025-10324 (shared CWE-74, CWE-77)
CVE-2025-12916 (shared CWE-74, CWE-77)
CVE-2025-7613 (shared CWE-74, CWE-77)

Affected Assets

Vendor: adslr
Product: b-qe2w401 firmware
Version: ≤ 250814-r037c

Mitigating Controls (NIST 800-53 r5, AI)

prevent

Directly prevents command injection by validating and sanitizing the del_swifimac parameter in the /send_order.cgi file against malicious inputs.

prevent

Requires timely identification, reporting, and correction of the specific command injection flaw in the ADSLR B-QE2W401 250814-r037c firmware.

prevent

Monitors and controls remote network traffic to the vulnerable /send_order.cgi endpoint, enabling web application firewall rules to block command injection payloads.
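
The input-validation and traffic-monitoring controls above can be exercised against web access logs. The following is an added example, not code from the vendor or from this advisory: it flags requests to /send_order.cgi whose del_swifimac value fails a strict allow-list. That a legitimate value is a single MAC address, that the parameter travels in the query string, and the log lines themselves are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

ENDPOINT = "/send_order.cgi"   # path named in the advisory
PARAM = "del_swifimac"         # argument named in the advisory
# Assumption: a legitimate value is one colon-separated MAC address.
MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}")
# Request line inside a common/combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def suspicious_values(log_line):
    """Return del_swifimac values in this log line that fail the allow-list."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    if url.path != ENDPOINT:
        return []
    # parse_qs percent-decodes, so encoded metacharacters are inspected too.
    values = parse_qs(url.query, keep_blank_values=True).get(PARAM, [])
    return [v for v in values if not MAC_RE.fullmatch(v)]


def scan(lines):
    """Yield (source_ip, bad_value) for every value that fails validation."""
    for line in lines:
        for value in suspicious_values(line):
            yield line.split(" ", 1)[0], value


# Constructed sample log lines (not taken from a real device).
SAMPLE_LOG = [
    '192.0.2.10 - admin [01/Dec/2025:10:00:01 +0000] '
    '"GET /send_order.cgi?del_swifimac=AA:BB:CC:DD:EE:FF HTTP/1.1" 200 12',
    '192.0.2.44 - admin [01/Dec/2025:10:03:17 +0000] '
    '"GET /send_order.cgi?del_swifimac=AA:BB:CC:DD:EE:FF%3BPLACEHOLDER HTTP/1.1" 200 12',
    '192.0.2.10 - admin [01/Dec/2025:10:05:40 +0000] '
    '"GET /status.cgi?del_swifimac=x HTTP/1.1" 200 40',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"ALERT {ip} sent non-MAC {PARAM} value: {value!r}")
```

An allow-list is used instead of a list of shell metacharacters because it also rejects empty, over-long and otherwise malformed values without having to enumerate them.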
