VYPR

firmware

by E Charge

CVEs (1)

  • CVE-2025-27804MedMay 21, 2025
    risk 0.42cvss 6.5epss 0.01

    Several OS command injection vulnerabilities exist in the device firmware in the /var/salia/mqtt.php script. By publishing a specially crafted message to a certain MQTT topic arbitrary OS commands can be executed with root permissions.