CVE-2025-25270

Critical

An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific…

CERTVDE·CWE-913·Published 2025-07-08

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

145 chars

An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations.

NVDen

145 chars

An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations.

Un atacante remoto no autenticado puede alterar la configuración del dispositivo de manera tal de obtener la ejecución remota de código como root con configuraciones específicas.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H