CVE-2025-50753

Name of the Vulnerable Software and Affected Versions: Mitrastar GPT-2741GNAC-N2 (affected versions not specified)

Description: Mitrastar GPT-2741GNAC-N2 devices allow access through SSH into a restricted default shell. The deviceinfo show file command, intended for use within the restricted shell to display files and directories, is susceptible to command injection. Providing “/bin/sh” (including the quotes) as an argument to this command can initiate a root shell.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.