CVE-2025-44658
BaseFortify

Publication date: 2025-07-21

Last updated on: 2025-08-07

Assigner: MITRE

Description
In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An attacker may exploit this by uploading malicious scripts disguised with alternate extensions and tricking the web server into executing them as PHP, bypassing security mechanisms based on file extension filtering. This may lead to remote code execution (RCE), information disclosure, or full system compromise.
Meta Information
Published: 2025-07-21
Last Modified: 2025-08-07
Generated: 2026-05-07
AI Q&A: 2025-07-21
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
| Vendor | Product | Version / Range |
|---|---|---|
| netgear | rax30_firmware | 1.0.10.94 |
| netgear | rax30 | * |
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Netgear RAX30 router firmware V1.0.10.94 is caused by a misconfiguration in the PHP-FPM setup where the security.limit_extensions parameter allows multiple file extensions beyond just .php. This misconfiguration lets an attacker upload malicious scripts with alternate extensions like .html or .htm and have them executed as PHP code by the web server, bypassing security filters based on file extensions. [1]


How can this vulnerability impact me?

Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely on the affected device, potentially leading to remote code execution (RCE), unauthorized information disclosure, or full system compromise of the Netgear RAX30 router. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by checking the PHP-FPM configuration file `/etc/php-fpm.d/www.conf` on the Netgear RAX30 device for the `security.limit_extensions` parameter. If it is set to allow multiple extensions such as `.html`, `.htm`, `.php3`, `.php4`, `.php5`, `.php7` instead of being limited strictly to `.php` (or `.php .phar`), the device is vulnerable. A command to check this setting is: `grep security.limit_extensions /etc/php-fpm.d/www.conf`. If the output shows extensions beyond `.php` and `.phar`, the vulnerability exists. [1]
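The check described above, as an added example that is not part of the advisory or of Netgear's firmware: a shell function (the name `audit_limit_extensions` is hypothetical) that ignores `;`-commented lines, which a plain grep would also print, and names every extension beyond `.php` and `.phar`. It assumes the documented PHP-FPM behaviour that an absent directive defaults to `.php .phar` and that an empty value allows all extensions.

```shell
#!/bin/sh
# Added example: audit security.limit_extensions in one PHP-FPM pool file.
# Returns 0 = only .php/.phar allowed, 1 = wider than that, 2 = unreadable.
# Assumes a single pool section per file (the last assignment wins).
audit_limit_extensions() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf"; return 2; }

    # Active assignments only: a line starting with ';' is a comment, and a
    # plain grep for the key would report those as well.
    line=$(grep -E '^[[:space:]]*security\.limit_extensions[[:space:]]*=' "$conf" | tail -n 1)
    if [ -z "$line" ]; then
        echo "OK: directive not set, PHP-FPM default (.php .phar) applies"
        return 0
    fi

    # Drop the key, any trailing ';' comment, and quotes around the value.
    value=$(printf '%s\n' "$line" | sed -e 's/^[^=]*=//' -e 's/;.*$//' | tr -d '"')
    if [ -z "$(printf '%s' "$value" | tr -d '[:space:]')" ]; then
        echo "VULNERABLE: empty value, FPM will parse any extension"
        return 1
    fi

    # One extension per line, then keep whatever is not .php or .phar.
    extra=$(printf '%s\n' "$value" | tr -s ' \t' '\n\n' |
        grep -Evx '(\.php|\.phar)?' | paste -s -d ' ' -)
    if [ -n "$extra" ]; then
        echo "VULNERABLE: also executed as PHP: $extra"
        return 1
    fi
    echo "OK: limited to .php/.phar"
    return 0
}

# Demo on a constructed pool file (sample values, not read from a device).
demo=$(mktemp)
printf '%s\n' '[www]' ';security.limit_extensions = .php .phar' \
    'security.limit_extensions = .php .php3 .html .htm' > "$demo"
audit_limit_extensions "$demo" || true
rm -f "$demo"
```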


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability immediately, you should modify the PHP-FPM configuration file `/etc/php-fpm.d/www.conf` to restrict the `security.limit_extensions` parameter to only `.php` and `.phar` extensions as per the official PHP-FPM specification. This prevents execution of scripts with alternate extensions. After making the change, restart the PHP-FPM service to apply the configuration. Additionally, consider applying any available firmware updates from Netgear that address this issue. [1]

