Vulnerability Details CVE-2025-66620
An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the file system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.8%
CVSS Severity
CVSS v3 Score 8.0
References
Products affected by CVE-2025-66620
-
cpe:2.3:h:columbiaweather:weather_microserver:-
-
cpe:2.3:o:columbiaweather:weather_microserver_firmware:ms_2.6.9900