Mitrastar · Mitrastar Gpt-2741Gnac-N2 · CVE-2025-50753
Name of the Vulnerable Software and Affected Versions:
Mitrastar GPT-2741GNAC-N2 (affected versions not specified)
Description:
Mitrastar GPT-2741GNAC-N2 devices allow access through SSH into a restricted default shell. The `deviceinfo show file` command, intended for use within the restricted shell to display files and directories, is susceptible to command injection. Providing “/bin/sh” (including the quotes) as an argument to this command can initiate a root shell.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.