VYPR
Unrated severityNVD Advisory· Published Jan 7, 2026· Updated Jan 7, 2026

Columbia Weather Systems MicroServer Command Shell in Externally Accessible Directory

CVE-2025-66620

Description

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the file system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • Columbia Weather Systems/MicroServerv5
    Range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.