CVE-2025-8452

2025-08-15 12:08:25 AM CDT

CVE-2025-8452: Brother Printer Serial Number Disclosure

AHA! has discovered an issue with multi-function printer (MFP) firmware from Brother, and is issuing this disclosure in accordance with AHA!’s standard disclosure policy on Thursday, August 14, 2025. CVE-2025-8452 has been assigned to this issue.

The GCVE identifier for this issue is GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001

Any questions about this disclosure should be directed to [email protected].

Executive Summary

Brother printer firmware advertises the serial number of the device over the network via the “uscan” protocol in its implementation of the eSCL specification. While serial numbers are rarely considered sensitive, in this case, the serial number can be used to derive the default administrator password of the device. Therefore, this is an instance of CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory, and we estimate the CVSS 3.1 rating to be 4.3 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) .

CVE-2025-32455

2025-06-08 3:58:25 PM CDT

CVE-2025-32455: ON Semiconductor Quantenna router_command.sh run_cmd Argument Injection

AHA! has discovered an issue with Quantenna Wi-Fi chips from ON Semiconductor, and is issuing this disclosure in accordance with AHA!’s standard disclosure policy on June 8, 2025. CVE-2025-32455 has been assigned to this issue.

Any questions about this disclosure should be directed to [email protected].

Executive Summary

Quantenna Wi-Fi chips ship with a local control script that is vulnerable to command injection. This is an instance of CWE-88, “Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’),” and is estimated as a CVSS 7.7.

CVE-2025-32456

2025-06-08 3:58:25 PM CDT

CVE-2025-32456: ON Semiconductor Quantenna router_command.sh put_file_to_qtn Argument Injection

AHA! has discovered an issue with Quantenna Wi-Fi chips from ON Semiconductor, and is issuing this disclosure in accordance with AHA!’s standard disclosure policy on June 8, 2025. CVE-2025-32456 has been assigned to this issue.

Any questions about this disclosure should be directed to [email protected].

Executive Summary

Quantenna Wi-Fi chips ship with a local control script that is vulnerable to command injection. This is an instance of CWE-88, “Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’),” and is estimated as a CVSS 7.7.

CVE-2025-32457

2025-06-08 3:58:25 PM CDT

CVE-2025-32457: ON Semiconductor Quantenna router_command.sh get_file_from_qtn Argument Injection

AHA! has discovered an issue with Quantenna Wi-Fi chips from ON Semiconductor, and is issuing this disclosure in accordance with AHA!’s standard disclosure policy on June 8, 2025. CVE-2025-32457 has been assigned to this issue.

Any questions about this disclosure should be directed to [email protected].

Executive Summary

Quantenna Wi-Fi chips ship with a local control script that is vulnerable to command injection. This is an instance of CWE-88, “Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’),” and is estimated as a CVSS 7.7.

CVE-2025-32458

2025-06-08 3:58:25 PM CDT

CVE-2025-32458: ON Semiconductor Quantenna router_command.sh get_syslog_from_qtn Argument Injection

AHA! has discovered an issue with Quantenna Wi-Fi chips from ON Semiconductor, and is issuing this disclosure in accordance with AHA!’s standard disclosure policy on June 8, 2025. CVE-2025-32458 has been assigned to this issue.

Any questions about this disclosure should be directed to [email protected].

Executive Summary

Quantenna Wi-Fi chips ship with a local control script that is vulnerable to command injection. This is an instance of CWE-88, “Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’),” and is estimated as a CVSS 7.7.