Vulnerability Description
A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick WebUI, allowing remote attackers to execute arbitrary operating system commands via specially crafted input. This vulnerability arises due to improper handling of untrusted input, which is passed directly to system-level commands without adequate sanitization or validation. Successful exploitation could allow attackers to execute arbitrary commands on the affected system, potentially resulting in unauthorized access, data leakage, or full system compromise. Affected WebUI parameters are "hd" and "pi".
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-2071?
CVE-2025-2071 is a documented vulnerability. A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick WebUI, allowing remote attackers to execute arbitrary operating system commands via specially crafted inp...
How severe is CVE-2025-2071?
CVSS scoring is not yet available for CVE-2025-2071. Check NVD for updates.
Is there a patch for CVE-2025-2071?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.