CVE-2025-6102
BaseFortify
Publication date: 2025-06-16
Last updated on: 2025-06-16
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a critical OS command injection flaw in the Wifi-soft UniBox Controller up to version 20250506. It exists in the /authentication/logout.php file, specifically in the mac_address parameter. An attacker can manipulate this parameter to inject and execute arbitrary operating system commands remotely on the affected device. This allows unauthorized code execution, potentially leading to full control over the router device. [1, 2]
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to severe impacts including unauthorized execution of arbitrary code, installation of backdoors, gaining server-level permissions, and full control over the affected router device. This compromises the confidentiality, integrity, and availability of the system, potentially allowing attackers to disrupt network operations or steal sensitive information. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for access or attempts to access the /authentication/logout.php endpoint with suspicious mac_address parameter values that may contain command injection payloads. One detection method is to monitor web server logs for unusual requests to /authentication/logout.php. Additionally, Google dorking with queries like 'inurl:authentication/logout.php' can help identify vulnerable targets. Specific commands to detect exploitation attempts could include using tools like grep on web server logs, for example: grep '/authentication/logout.php' /var/log/apache2/access.log or equivalent, and inspecting the mac_address parameter for suspicious characters or command injection patterns. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Wifi-soft UniBox Controller product with an alternative solution, as no vendor-provided patches or countermeasures are available. Additionally, restricting access to the /authentication/logout.php endpoint, implementing network-level protections such as firewall rules to limit access, and monitoring for exploitation attempts are recommended. Since the vulnerability allows remote OS command injection via the mac_address parameter, input validation or disabling the vulnerable functionality if possible may help reduce risk until a fix or replacement is implemented. [2]