{"id":72507,"date":"2025-10-28T15:46:36","date_gmt":"2025-10-28T12:16:36","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-1037-tropos-4th-gen-unauthenticated-root-shell-access-via-ssh\/"},"modified":"2025-10-28T15:46:36","modified_gmt":"2025-10-28T12:16:36","slug":"cve-2025-1037-tropos-4th-gen-unauthenticated-root-shell-access-via-ssh","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-1037-tropos-4th-gen-unauthenticated-root-shell-access-via-ssh\/","title":{"rendered":"CVE-2025-1037 &#8211; TropOS 4th Gen Unauthenticated Root Shell Access via SSH"},"content":{"rendered":"<p>CVE ID : CVE-2025-1037<\/p>\n<p>Published :  Oct. 28, 2025, 12:16 p.m. | 28\u00a0minutes ago<\/p>\n<p>Description : By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted root shell. This is possible through abuse of a particular set of scripts and executables that allow for certain commands to be run as root from an unprivileged context.<\/p>\n<p>Severity: 7.5 | HIGH<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-1037 Published : Oct. 28, 2025, 12:16 p.m. | 28\u00a0minutes ago Description : By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted root shell. This is possible through &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-72507","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72507","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=72507"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72507\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=72507"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=72507"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=72507"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}