- Description
- A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects an unknown part of the file /billing/pms_check.php. The manipulation of the argument ipaddress leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.4
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
- cna@vuldb.com
- CWE-77
- Hype score
- Not currently trending
CVE-2025-6104 (CVSS:7.4, HIGH) is Awaiting Analysis. A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects..https://t.co/0HeB70zApE #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
21 Jun 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6104 (CVSS:7.4, HIGH) is Awaiting Analysis. A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects..https://t.co/0HeB70z2A6 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
20 Jun 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6104 (CVSS:7.4, HIGH) is Awaiting Analysis. A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects..https://t.co/0HeB70z2A6 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
19 Jun 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6104 Remote OS Command Injection in Wifi-soft UniBox Controller via /billing/pms_check.php https://t.co/sIedxanOKu
@VulmonFeeds
16 Jun 2025
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-6104: HIGH] Critical vulnerability found in Wifi-soft UniBox Controller up to 20250506. Exploit allows remote OS command injection via manipulated "ipaddress." Vendor non-responsive to disclosure.#cve,CVE-2025-6104,#cybersecurity https://t.co/SQsl7hxuOY https://t.co/3dv
@CveFindCom
16 Jun 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes