CVE-2025-3459
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/06/2025
Last modified:
21/01/2026
Description
The Quantenna Wi-Fi chipset ships with a local control script, transmit_file, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command (&#39;Argument Injection&#39;)," and is estimated as a CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).<br />
This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record&#39;s first publishing, though the vendor has released a best practices guide for implementors of this chipset.
Impact
Base Score 3.x
7.70
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:onsemi:qcs-ax3-s5_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qcs-ax3-s5:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qcs-ax2-a12_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qcs-ax2-a12:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qcs-ax2-t12_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qcs-ax2-t12:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qcs-ax2-t8_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qcs-ax2-t8:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qd840_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qd840:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qhs710_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qhs710:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qsr10ga_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qsr10ga:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qsr10gu_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page