PT-2025-26684 · Sapido · Sapido Bre71N+11

An-Wei Kung +4 · Published 2025-06-24 · Updated 2025-06-26 · CVE-2025-6559

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Sapido BR071n version All
Sapido BR261c version All
Sapido BR270n version All
Sapido BR476n version All
Sapido BRC70n version All
Sapido BRC70x version All
Sapido BRC76n version All
Sapido BRD70n version All
Sapido BRE70n version All
Sapido BRE71n version All
Sapido BRF61c version All
Sapido BRF71n version All

Description: The issue is an OS Command Injection, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. This is due to the improper neutralization of special elements used in an OS command.
Recommendations: Replace the device with a supported model, as the affected models are out of support. For all affected models, consider disabling any remote access features until replacement. Restrict access to the device to minimize the risk of exploitation. Avoid using the device for critical operations until it is replaced. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2026-05178
CVE-2025-6559

Affected Products

Sapido Br071N
Sapido Br261C
Sapido Br270N
Sapido Br476N
Sapido Brc70N
Sapido Brc70X
Sapido Brc76N
Sapido Brd70N
Sapido Bre70N
Sapido Bre71N
Sapido Brf61C
Sapido Brf71N