Genexis Platinum P4410 Router Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in the Genexis Platinum P4410 router, specifically in firmware version P4410-V2-1.41. This vulnerability allows a local network attacker to execute commands with root privileges. The issue arises from improper session management, as the session token remains valid even after an administrator logs out. An attacker on the same local network can exploit this by reusing the stale token to send crafted requests through the router's diagnostic endpoint, leading to unauthorized command execution as root.

Impact

Exploitation of this vulnerability allows for full control of the router with root access, enabling interception of network traffic and potential persistent compromise until the device is rebooted.

Added: Dec 4, 2025, 8:18 PM

Updated: Dec 4, 2025, 8:18 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

4.9

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

4.9

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Genexis Platinum P4410 Router Remote Code Execution Vulnerability

Vulnerability

Impact

Affected Products

Genexis Platinum P4410

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating