High severity8.1NVD Advisory· Published May 21, 2025· Updated Apr 15, 2026
CVE-2025-48416
CVE-2025-48416
Description
An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the "/etc/shadow" file in the firmware image for the "root" user. However, in the default SSH configuration the "PermitRootLogin" is disabled, preventing the root user from logging in via SSH. This configuration can be bypassed/changed by an attacker through multiple paths though.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.