Unrated severityNVD Advisory· Published Jan 7, 2026· Updated Jan 7, 2026
Columbia Weather Systems MicroServer Command Shell in Externally Accessible Directory
CVE-2025-66620
Description
An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the file system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Columbia Weather Systems/MicroServerv5Range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.