Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-27027

A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions.

Published

2025-07-09T09:15:26.720

Last Modified

2025-07-10T13:17:30.017

Status

Awaiting Analysis

Source

a6d3dc9e-0591-4a13-bce7-0f5b31ff6158

Severity

CVSSv3.1: 4.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-653

Affected Vendors & Products

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27027 (a6d3dc9e-0591-4a13-bce7-0f5b31ff6158)