CVE-2025-50753
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-26

Last updated on: 2025-08-29

Assigner: MITRE

Description
Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell.The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing " /bin/sh" (quotes included) to the argument of this command will drop a root shell.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-26
Last Modified
2025-08-29
Generated
2026-06-16
AI Q&A
2025-08-26
EPSS Evaluated
2026-06-14
NVD
CVE-2025-50753
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mitrastar gpt-2741gnac-n2 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-250 The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

You can detect this vulnerability by attempting to access the device via SSH using the 'support' user credentials (often physically labeled on the modem). Once in the restricted shell, try executing the command: deviceinfo show file "\n/bin/sh". If this command drops you into a root shell, the device is vulnerable. [1]

Mitigation Strategies

Immediate mitigation steps include restricting or disabling SSH access to the device, especially for the 'support' user account. Change or remove default credentials physically labeled on the device. Additionally, monitor for unauthorized SSH access attempts and apply any vendor patches or updates once available. [1]

Executive Summary

The vulnerability in Mitrastar GPT-2741GNAC-N2 devices allows an attacker with SSH access to a restricted shell to escape that restricted environment. By using the command `deviceinfo show file` with the argument "\n/bin/sh" (including quotes and newline), the attacker can drop into a root shell, gaining full root privileges on the device. [1]

Impact Analysis

This vulnerability can allow an attacker with physical or credential access to the device's SSH restricted shell to escalate privileges to root. This means the attacker can fully control the device, potentially altering configurations, intercepting or redirecting network traffic, or using the device as a foothold for further attacks. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-50753. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart