ssh root@10.10.10.20 cat /tmp/pwned # Expected output: uid=0(root) gid=0(root) groups=0(root)
– The PoC is provided for educational purposes only. Do not run it against systems you do not own or have explicit permission to test. nhdta-793
| Attribute | Detail | |-----------|--------| | | NHDTA‑793 | | CVE | CVE‑2025‑XXXXX (assigned by MITRE) | | Vendor | NetHome Technologies, Inc. | | Product | NetHome Data Transfer Agent (NHDTA) – versions 1.2.0 through 3.4.9 | | Vulnerability type | Remote Code Execution (RCE) – Unauthenticated deserialization of user‑controlled data | | CVSS v3.1 Base Score | 9.8 (Critical) | | Vector | Network (AV:N) / Adjacent Network (AV:A) – depends on deployment | | Complexity | Low (AC:L) | | Privileges Required | None (PR:N) | | User Interaction | None (UI:N) | | Scope | Unchanged (S:U) | | Confidentiality / Integrity / Availability Impact | C/I/A: High | | Discovery date | 2025‑11‑08 | | Public disclosure | 2026‑02‑15 (Full advisory) | | Patch release | 2026‑03‑02 (v3.5.0) | ssh root@10
After upgrading, confirm the fix is present: | | Product | NetHome Data Transfer Agent