Share:

CVE-2025-55423

Severe 9.8

A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system() without proper validation or sanitization, allowing OS command injection.

Published January 20, 2026.

Affected software

Iptime N7004ns Firmware

Iptime N804a3 Firmware

Iptime A704ns-bcm Firmware

Iptime N604tplus Firmware

Iptime N102eplus Firmware

Iptime N704qca Firmware

Iptime T24000m Firmware

Iptime A3008-mu Firmware

Iptime A2004plus Firmware

Iptime N604s Firmware

Iptime A2003mu Firmware

Iptime N5-i Firmware

Iptime T3008 Firmware

Iptime N104k Firmware

Iptime N702eplus Firmware

Iptime N704bcm Firmware

Iptime N104v Firmware

Iptime N604t Firmware

Iptime T5008 Firmware

Iptime N600 Firmware

Iptime N702e Firmware

Iptime A2004nsplus Firmware

Iptime A3003ns Firmware

Iptime A1004ns Firmware

Iptime Ax8004bcm Firmware

Iptime A804ns-mu Firmware

Iptime Q604 Firmware

Iptime T16000m Firmware

Iptime T5004 Firmware

Iptime A6004ns-m Firmware

Iptime Ax8008m Firmware

Iptime A3002mesh Firmware

Iptime N102i Firmware

Iptime A3004t Firmware

Iptime A604g-mu Firmware

Iptime A8004t-xr Firmware

Iptime Smart Firmware

Iptime A8ns-m Firmware

Iptime N602eplus Firmware

Iptime N604 Black Firmware

Iptime N102e Firmware

Iptime N604se Firmware

Iptime A3004ns-dual Firmware

Iptime A2004ns-r Firmware

Iptime A9004m Firmware

Iptime A3004 Firmware

Iptime A3004ns-m Firmware

Iptime N8004r Firmware

Iptime N904v Firmware

Iptime N1plus Firmware

Iptime N104e Firmware

Iptime A8004t Firmware

Iptime N604vplus Firmware

Iptime N2plus-i Firmware

Iptime A7ns Firmware

Iptime V304 Firmware

Iptime A3004ns-bcm Firmware

Iptime N3-i Firmware

Iptime N804 Firmware

Iptime N1plus-i Firmware

Iptime A2004 Firmware

Iptime N104q Firmware

Iptime A604mu Firmware

Iptime N2eplus Firmware

Iptime N104s-r1 Firmware

Iptime N702r Firmware

Iptime A2004ns Firmware

Iptime N604plus-i Firmware

Iptime A6004ns Firmware

Iptime N804t Firmware

Iptime T16000 Firmware

Iptime Ax3004bcm Firmware

Iptime N104eplus Firmware

Iptime A3004ns Firmware

Iptime A3004tw Firmware

Iptime A604r Firmware

Iptime A8004ns-m Firmware

Iptime Ew302n Firmware

Iptime A5004ns-m Firmware

Iptime T3004 Firmware

Iptime N804r Firmware

Iptime Ax2002mesh Firmware

Iptime N704v3 Firmware

Iptime T24000 Firmware

Iptime N104plus Firmware

Iptime A104r Firmware

Iptime A5004ns Firmware

Iptime A2004r Firmware

Iptime N5 Firmware

Iptime N704ns Firmware

Iptime A104ns Firmware

Iptime N704eplus Firmware

Iptime N604plus Firmware

Iptime Ax3004itl Firmware

Iptime N702bcm Firmware

Iptime N604eplus Firmware

Iptime N804a Firmware

Iptime N1e Firmware

Iptime N104plus-i Firmware

Iptime N2v Firmware

Iptime N2plus Firmware

Iptime A1004v Firmware

Iptime N6 Firmware

Iptime A3 Firmware

Iptime N904plus Firmware

Iptime Q304 Firmware

Iptime Ax11000 Firmware

Iptime A8004itl Firmware

Iptime Q1 Firmware

Iptime A2003ns-mu Firmware

Iptime A604se Firmware

Iptime N604e Firmware

Iptime A7004m Firmware

Iptime N604rplus-i Firmware

Iptime N904ns Firmware

Iptime N2e Firmware

Iptime N604a Firmware

Iptime Ax8004m Firmware

Iptime A6004mx Firmware

Iptime A604m Firmware

Iptime A604-v3 Firmware

Iptime A2008 Firmware

Iptime A604v Firmware

Iptime A6ns-m Firmware

Iptime V508 Firmware

Iptime Ax2004m Firmware

Iptime N704e Firmware

Iptime N1v Firmware

Iptime A8004bcm Firmware

Iptime N104r Firmware

Iptime N6004r Firmware

Iptime N602e Firmware

Iptime Q504 Firmware

Iptime N804t3 Firmware

Iptime N604rplus Firmware

Iptime A304 Firmware

Iptime N704-a3 Firmware

Iptime A3004m Firmware

Iptime A604g-skylife Firmware

Iptime A2004ns-mu Firmware

Iptime A604-v5 Firmware

Iptime N102iplus Firmware

Iptime N2vs Firmware

Iptime A9004m-x2 Firmware

Iptime V504 Firmware

Iptime A1 Firmware

Iptime A1004 Firmware

Iptime N604r Firmware

Iptime A3004-dual Firmware

Iptime A104 Firmware

Iptime N604v Firmware

Iptime N8004v Firmware

Iptime A2004mu Firmware

Iptime Ax2004 Firmware

Iptime A2004se Firmware

Iptime A604 Firmware

Iptime N602se Firmware

Iptime Ax2004bcm Firmware

Iptime N104q-i Firmware

Iptime N104 Black Firmware

Iptime N804v Firmware

Iptime N904 Firmware

Iptime N3 Firmware

Get alerts for Iptime N7004ns Firmware

Reference links