cvedb.io
CVE-2025-48415
MEDIUM · CVSS 6.2
EPSS exploitation probability: 0%
Published 2025-05-21T13:16:02.810 · Last modified 2026-06-17T09:29:36.953

Summary

A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor  or perform other administrative actions. Ultimately, this backdoor also allows arbitrary execution of OS commands.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.