CVE-2025-2071

Published Mar 31, 2025

Last updated 4 days ago

CVSS critical 10.0

Overview

Description
A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick WebUI, allowing remote attackers to execute arbitrary operating system commands via specially crafted input. This vulnerability arises due to improper handling of untrusted input, which is passed directly to system-level commands without adequate sanitization or validation. Successful exploitation could allow attackers to execute arbitrary commands on the affected system, potentially resulting in unauthorized access, data leakage, or full system compromise. Affected WebUI parameters are "hd" and "pi".
Source
551230f0-3615-47bd-b7cc-93e92e730bbf
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
10
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:X/V:X/RE:M/U:Amber
Severity
CRITICAL

Weaknesses

551230f0-3615-47bd-b7cc-93e92e730bbf
CWE-78

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-2071 ⚠️🔴 CRITICAL (10) 🏢 FAST LTA - FAST LTA Silent Brick WebUI 🏗️ WebUI Release 2.45 (Linux 5.4.109-gentoo-FAST) 🔗 https://t.co/WUOijsdR5Q #CyberCron #VulnAlert #InfoSec https://t.co/P4sxUWNfr5

    @cybercronai

    31 Mar 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [CVE-2025-2071: CRITICAL] Critical OS Command Injection vulnerability found in FAST LTA Silent Brick WebUI. Attackers can execute commands through untrusted input, leading to unauthorized access or data leakage.#cybersecurity,#vulnerability https://t.co/f99jRCrPTr https://t.co/Bx

    @CveFindCom

    31 Mar 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. New post from https://t.co/uXvPWJy6tj (CVE-2025-2071 | FAST LTA Silent Brick WebUI prior 2.63.04 hd/pi os command injection) has been published on https://t.co/hIGMIbcnib

    @WolfgangSesin

    31 Mar 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-2071 A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick WebUI, allowing remote attackers to execute arbitrary operating system co… https://t.co/5lBozRB58i

    @CVEnew

    31 Mar 2025

    412 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References