CVE-2025-6560

Summary

Multiple wireless router models from Sapido have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials. 

The affected models are out of support; replacing the device is recommended.

Affected Software

VendorProductVersion RangeStatus
SapidoBR071n0affected
SapidoBR261c0affected
SapidoBR270n0affected
SapidoBR476n0affected
SapidoBRC70n0affected
SapidoBRC70x0affected
SapidoBRC76n0affected
SapidoBRD70n0affected
SapidoBRE70n0affected
SapidoBRE71n0affected
SapidoBRF61c0affected
SapidoBRF71n0affected

Weaknesses

  • CWE-256: CWE-256 Plaintext Storage of a Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References