Vulnerabilities

CVE-2025-54322

by Fred · 27/12/2025

Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used.

More information : https://pwn.ai/blog/cve-2025-54322-zeroday-unauthenticated-root-rce-affecting-70-000-hosts

Similar

Tags: Cybersecurity Alert