CVE-2025-6559OS Command Injection in Br071n

CWE-78OS Command Injection3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
0.4%
top 38.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Sapido Br071nSapido Br261cSapido Br270n+9 more
Timeline
PublishedJun 24
Latest updateJun 26

Description

Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. The affected models are out of support; replacing the device is recommended.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages12 packages

CVEListV5sapido/br071n0
CVEListV5sapido/br261c0
CVEListV5sapido/br270n0
CVEListV5sapido/br476n0
CVEListV5sapido/brc70n0

🔴Vulnerability Details

2
GHSA
GHSA-f93r-w378-h583: Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary2025-06-26
CVEList
Sapido Wireless Router - OS Command Injection2025-06-24
CVE-2025-6559 — OS Command Injection in Sapido Br071n | cvebase