CVE-2025-34035: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in EnGenius EnShare IoT Gigabit Cloud Service
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC.
AI Analysis
Technical Summary
This vulnerability (CVE-2025-34035) involves improper neutralization of special elements in the usbinteract.cgi script of EnGenius EnShare IoT Gigabit Cloud Service (version 1.4.11 and earlier). The script fails to sanitize the 'path' parameter, enabling unauthenticated remote attackers to perform OS command injection. The injected commands run with root privileges, allowing complete control over the affected system. The vulnerability has a CVSS 4.0 base score of 10.0, indicating critical severity. Exploitation evidence was confirmed by Shadowserver Foundation on 2024-12-05. No patch or vendor advisory is currently available.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to execute arbitrary commands with root privileges on the affected system, leading to full system compromise. This can result in complete loss of confidentiality, integrity, and availability of the system running the vulnerable EnShare IoT Gigabit Cloud Service.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict access to the vulnerable service and monitor for suspicious activity related to the usbinteract.cgi script. Avoid exposing the service to untrusted networks.
CVE-2025-34035: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in EnGenius EnShare IoT Gigabit Cloud Service
Description
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected commands are executed with root privileges, leading to full system compromise. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-05 UTC.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2025-34035) involves improper neutralization of special elements in the usbinteract.cgi script of EnGenius EnShare IoT Gigabit Cloud Service (version 1.4.11 and earlier). The script fails to sanitize the 'path' parameter, enabling unauthenticated remote attackers to perform OS command injection. The injected commands run with root privileges, allowing complete control over the affected system. The vulnerability has a CVSS 4.0 base score of 10.0, indicating critical severity. Exploitation evidence was confirmed by Shadowserver Foundation on 2024-12-05. No patch or vendor advisory is currently available.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to execute arbitrary commands with root privileges on the affected system, leading to full system compromise. This can result in complete loss of confidentiality, integrity, and availability of the system running the vulnerable EnShare IoT Gigabit Cloud Service.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict access to the vulnerable service and monitor for suspicious activity related to the usbinteract.cgi script. Avoid exposing the service to untrusted networks.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2025-04-15T19:15:22.546Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 6859fad3dec26fc862d8c379
Added to database: 6/24/2025, 1:09:39 AM
Last enriched: 4/7/2026, 10:57:56 PM
Last updated: 5/9/2026, 4:52:14 AM
Views: 122
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.