CVE-2025-48415

{"id": "CVE-2025-48415", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2025-05-21T13:16:02.810", "references": [{"url": "https://r.sec-consult.com/echarge", "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"}, {"url": "http://seclists.org/fulldisclosure/2025/May/23", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "description": [{"lang": "en", "value": "CWE-749"}]}], "descriptions": [{"lang": "en", "value": "A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted \"salia.ini\" files. The .ini file can contain several \"commands\" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor\u00a0 or perform other administrative actions. Ultimately, this backdoor also allows arbitrary execution of OS commands."}, {"lang": "es", "value": "Una puerta trasera USB puede activarse conectando una unidad USB que contenga archivos \"salia.ini\" especialmente dise\u00f1ados. El archivo .ini puede contener varios comandos que un atacante podr\u00eda explotar para exportar o modificar la configuraci\u00f3n del dispositivo, habilitar una puerta trasera SSH o realizar otras acciones administrativas. En definitiva, esta puerta trasera tambi\u00e9n permite la ejecuci\u00f3n arbitraria de comandos del sistema operativo."}], "lastModified": "2025-11-03T20:19:06.640", "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf"}