How to fix CVE-2019-25487?

Within 24 hours: Identify all SAPIDO RB-1732 V2.0.43 devices in your environment and isolate them from critical networks if possible. Within 7 days: Contact SAPIDO for patch availability; if unavailable, implement network-level mitigations (WAF rules blocking formSysCmd, restrict management access to trusted IPs only). Within 30 days: Develop replacement strategy for affected devices, as vendor patch availability is currently unknown; evaluate alternative router vendors for procurement planning.

CVE-2019-25487

CRITICAL

2026-03-11 [email protected]

9.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:07 vuln.today

PoC Detected

Mar 12, 2026 - 21:08 vuln.today

Public exploit code

CVE Published

Mar 11, 2026 - 19:16 nvd

CRITICAL 9.8

Description

SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the formSysCmd endpoint. Attackers can send POST requests with the sysCmd parameter containing shell commands to execute code on the device with router privileges.

Analysis

Command execution in SAPIDO RB-1732 V2.0.43 router. PoC available.

Technical Context

CWE-639.

Affected Products

['SAPIDO RB-1732 V2.0.43']

Remediation

Update firmware.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +49

POC: +20

CVE-2019-25487 vulnerability details – vuln.today

Back

CVE-2019-25487

CVSS Vector

Lifecycle Timeline

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code