CVE-2025-44658

moderate-risk

Published 2025-07-21

In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An attacker may exploit this by uploading malicious scripts disguised with alternate extensions and tricking the web server into executing them as PHP, bypassing security mechanisms based on file extension filtering. This may lead to remote code execution (RCE), information disclosure, or full system compromise.

Do I need to act?

0.49% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (1)

Rax30 Firmware

Affected Vendors

Netgear

References (3)

Broken Link https://gist.github.com/TPCchecker/c72eea7a3f89070dab7dfdbf7504b2d6

Vendor Advisory https://www.netgear.com/about/security/

Third Party Advisory https://www.notion.so/CVE-2025-44658-24754a1113e780df8f72c779a108f75b

/ 100

moderate-risk

Severity 32/34 · Critical

Exploitability 2/34 · Minimal

Exposure 5/34 · Minimal