CVE-2025-66620

Name of the Vulnerable Software and Affected Versions MicroServer (affected versions not specified)

Description An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the file system. The webshell allows for unlimited login attempts. Successful exploitation grants sudo rights on specific files and directories. An attacker can establish persistence through reverse shells and manipulate or delete data within the file system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.