CVE-2025-6103
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-16

Last updated on: 2025-06-16

Assigner: VulDB

Description
A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller up to 20250506. Affected by this issue is some unknown functionality of the file /billing/test_accesscodelogin.php. The manipulation of the argument Password leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-16
Last Modified
2025-06-16
Generated
2026-05-07
AI Q&A
2025-06-16
EPSS Evaluated
2026-05-05
NVD
CVE-2025-6103
EUVD
EUVD-2025-18357
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a critical OS command injection flaw in the Wifi-soft UniBox Controller up to version 20250506, specifically in the file /billing/test_accesscodelogin.php. It occurs because the 'Password' parameter is improperly handled, allowing an attacker to inject and execute arbitrary operating system commands remotely without authentication. This can lead to unauthorized code execution on the server hosting the controller. [1, 2]


How can this vulnerability impact me? :

Exploitation of this vulnerability can allow attackers to execute arbitrary code on the affected system, potentially leading to full control over the router. This includes writing backdoors, gaining elevated permissions, compromising confidentiality, integrity, and availability of the system. Since the attack can be launched remotely and easily, it poses a significant security risk. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for the presence of the vulnerable endpoint /billing/test_accesscodelogin.php on your Wifi-soft UniBox Controller. Attackers may use Google dorking with the query "inurl:billing/test_accesscodelogin.php" to identify vulnerable targets. On your system, you can verify if this file exists and monitor for suspicious requests targeting the Password parameter that could indicate command injection attempts. Specific commands to detect exploitation attempts are not provided, but monitoring web server logs for unusual requests to /billing/test_accesscodelogin.php with suspicious Password parameter values is recommended. [2]


What immediate steps should I take to mitigate this vulnerability?

There are no known patches or countermeasures available for this vulnerability. The recommended immediate mitigation is to replace the affected Wifi-soft UniBox Controller product with an alternative that is not vulnerable. Additionally, restricting access to the vulnerable endpoint, implementing network-level protections such as firewalls or intrusion detection systems to block exploitation attempts, and monitoring for suspicious activity can help reduce risk until replacement is possible. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart