How to fix CVE-2025-40591?

Within 24 hours: Inventory all RUGGEDCOM ROX devices in production and identify those running versions below V2.16.5; restrict web interface access to trusted administrative networks only. Within 7 days: Disable the 'Log Viewers' tool in the web interface if operationally feasible; implement enhanced monitoring for suspicious log access patterns and file system queries. Within 30 days: Monitor vendor security advisories for patch V2.16.5 release; develop and test patch deployment procedures; evaluate network segmentation to isolate affected devices from general corporate networks.

Is Command Injection affected by CVE-2025-40591?

RUGGEDCOM ROX industrial network devices across 11 product variants contain a critical authentication bypass vulnerability allowing authenticated users to execute arbitrary commands with root privileges and access sensitive system files.

CVE-2025-40591

EUVD-2025-17713 HIGH

2025-06-10 [email protected]

7.7

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 19:49 euvd

EUVD-2025-17713

Analysis Generated

Mar 14, 2026 - 19:49 vuln.today

CVE Published

Jun 10, 2025 - 16:15 nvd

HIGH 7.7

Description

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX RX1500 (All versions < V2.16.5), RUGGEDCOM ROX RX1501 (All versions < V2.16.5), RUGGEDCOM ROX RX1510 (All versions < V2.16.5), RUGGEDCOM ROX RX1511 (All versions < V2.16.5), RUGGEDCOM ROX RX1512 (All versions < V2.16.5), RUGGEDCOM ROX RX1524 (All versions < V2.16.5), RUGGEDCOM ROX RX1536 (All versions < V2.16.5), RUGGEDCOM ROX RX5000 (All versions < V2.16.5). The 'Log Viewers' tool in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated remote attacker to execute the 'tail' command with root privileges and disclose contents of all files in the filesystem.

Analysis

A security vulnerability in A vulnerability (CVSS 7.7). High severity vulnerability requiring prompt remediation.

Technical Context

Vulnerability type not specified by vendor. CVSS 7.7 indicates high severity. Affects A vulnerability.

Affected Products

['A vulnerability']

Remediation

Monitor vendor channels for patch availability.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +38

POC: 0

CVE-2025-40591 vulnerability details – vuln.today

Back

CVE-2025-40591

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-40591

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code