Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge BASIC MB-A130 Ver.1.5.8 and earlier. If exploited, a remote unauthenticated attacker may execute arbitrary OS commands with root privileges.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 02 Sep 2025 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Seiko-sol
Seiko-sol skybridge Basic Mb-a130
Vendors & Products Seiko-sol
Seiko-sol skybridge Basic Mb-a130

Tue, 02 Sep 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 01 Sep 2025 05:30:00 +0000

Type Values Removed Values Added
Description Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge BASIC MB-A130 Ver.1.5.8 and earlier. If exploited, a remote unauthenticated attacker may execute arbitrary OS commands with root privileges.
Weaknesses CWE-78
References
Metrics cvssV3_0

{'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2025-09-02T14:10:07.142Z

Reserved: 2025-08-25T00:22:42.724Z

Link: CVE-2025-54857

cve-icon Vulnrichment

Updated: 2025-09-02T14:10:03.994Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-09-01T06:15:35.453

Modified: 2025-09-02T15:55:25.420

Link: CVE-2025-54857

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-02T15:23:21Z