Description

A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 due to the presence of an undocumented backdoor listener on UDP port 53413. Exact version boundaries remain undocumented. An unauthenticated remote attacker can send specially crafted UDP packets to execute arbitrary commands on the affected device. This backdoor uses a hardcoded authentication mechanism and accepts shell commands post-authentication. Some device models include a non-standard implementation of the `echo` command, which may affect exploitability.

INFO

Published Date :

2025-07-16T21:02:57.281Z

Last Modified :

2025-07-17T18:40:31.614Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2025-34117 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-34117.

URL Resource
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/misc/netcore_udp_53413_backdoor.rb cve-icon cve-icon
https://vulners.com/metasploit/MSF:EXPLOIT-LINUX-MISC-NETCORE_UDP_53413_BACKDOOR- cve-icon cve-icon
https://web.archive.org/web/20140828114943/http://blog.trendmicro.com/trendlabs-security-intelligence/netis-routers-leave-wide-open-backdoor/ cve-icon cve-icon
https://www.exploit-db.com/exploits/43387 cve-icon cve-icon
https://www.seebug.org/vuldb/ssvid-90227 cve-icon cve-icon
https://www.shadowserver.org/what-we-do/network-reporting/netcore-netis-router-vulnerability-scan-report/ cve-icon cve-icon
https://www.vulncheck.com/advisories/netcore-netis-routers-backdoor-rce cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability