CVE-2025-55075
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-17

Last updated on: 2025-09-17

Assigner: JPCERT/CC

Description
Hidden functionality issue exists in WN-7D36QR and WN-7D36QR/UE. If this vulnerability is exploited, SSH may be enabled by a remote authenticated attacker.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-17
Last Modified
2025-09-17
Generated
2026-06-16
AI Q&A
2025-09-17
EPSS Evaluated
2026-06-15
NVD
CVE-2025-55075
EUVD
EUVD-2025-29682
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
i-o_data_device wn-7d36qr/ue *
i-o_data_device wn-7d36qr *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-912 The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves hidden functionality in the WN-7D36QR and WN-7D36QR/UE wireless LAN routers. Specifically, it allows a remote authenticated attacker to enable SSH access on the device and execute arbitrary operating system commands, potentially compromising the device. [1]

Impact Analysis

If exploited, this vulnerability can allow a remote authenticated attacker to gain SSH access and execute arbitrary OS commands on the affected router. This could lead to unauthorized control over the device, potentially disrupting network operations or exposing sensitive information. [1]

Detection Guidance

Detection can involve checking if SSH is unexpectedly enabled on the affected WN-7D36QR or WN-7D36QR/UE devices, especially if remote authenticated attackers could have enabled it. Network scanning tools like nmap can be used to detect open SSH ports (usually port 22) on these devices. For example, running 'nmap -p 22 <device_ip>' can help identify if SSH is enabled. Additionally, reviewing device firmware version to see if it is 1.1.3 or earlier can indicate vulnerability presence. [1]

Mitigation Strategies

The immediate mitigation step is to update the router firmware to version 2.1.3 or later, which addresses the vulnerabilities including CVE-2025-55075. Until the update is applied, restrict remote authenticated access to the device to prevent exploitation. Disabling remote management features and monitoring for unauthorized SSH access attempts are also recommended. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-55075. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart