CVE-2025-54958
Description
Powered BLUE 870 versions 0.20130927 and prior contain an OS command injection vulnerability. If this vulnerability is exploited, arbitrary OS commands may be executed on the affected product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
OS command injection in Mubit Powered BLUE 870 allows authenticated users to execute arbitrary OS commands.
Vulnerability
Description CVE-2025-54958 is an OS command injection vulnerability in Mubit's Powered BLUE 870 appliance, affecting versions 0.20130927 and prior. The vulnerability stems from improper neutralization of special elements used in OS commands, allowing an attacker to inject arbitrary commands into the system [2].
Exploitation
Conditions Exploitation requires an authenticated user with low privileges who can access the product over the network. No special network position is needed beyond normal access to the management interface [2].
Impact
A successful attack allows the authenticated user to execute arbitrary OS commands on the affected appliance. The CVSS v3 base score of 6.3 reflects low impacts on confidentiality, integrity, and availability [2].
Mitigation
The developer states that Powered BLUE 870 is no longer supported and recommends switching to the alternative product, Powered BLUE 890 [1][2]. No patch will be provided for the vulnerable versions.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: <=0.20130927
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.