1. Home
  2. CVE Database
  3. CVE-2025-48415
MEDIUM · 6.2

CVE-2025-48415

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker ...

Vulnerability Description

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor  or perform other administrative actions. Ultimately, this backdoor also allows arbitrary execution of OS commands.

CVSS Score

6.2

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
NONE

Related Weaknesses (CWE)

CWE-749

References

FAQ

What is CVE-2025-48415?

CVE-2025-48415 is a vulnerability with a CVSS score of 6.2 (MEDIUM). A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker ...

How severe is CVE-2025-48415?

CVE-2025-48415 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-48415?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.