CVE-2025-54958 | THREATINT

Description

Powered BLUE 870 versions 0.20130927 and prior contain an OS command injection vulnerability. If this vulnerability is exploited, arbitrary OS commands may be executed on the affected product.

PUBLISHED Reserved 2025-08-04 | Published 2025-08-08 | Updated 2025-08-08 | Assigner jpcert

MEDIUM: 6.3CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

MEDIUM: 5.3CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Problem types

Improper neutralization of special elements used in an OS command ('OS Command Injection')

Product status

0.20130927 and prior

affected

References

www.mubit.co.jp/sub/products/blue/pb-base-cloud-890.html

jvn.jp/en/jp/JVN39636188/

cve.org (CVE-2025-54958)

nvd.nist.gov (CVE-2025-54958)

Download JSON