Celloos
Monthly
Command restriction bypass in the SSH service of Cellopoint CelloOS allows authenticated remote attackers to escape the restricted shell and execute arbitrary operating system commands beyond their authorized scope. The flaw is tracked as an Improper Access Control issue (CWE-1284) and was disclosed by Taiwan's TWCERT with a CVSS 4.0 score of 8.7. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.
Command restriction bypass in the SSH service of Cellopoint CelloOS allows authenticated remote attackers to escape the restricted shell and execute arbitrary operating system commands beyond their authorized scope. The flaw is tracked as an Improper Access Control issue (CWE-1284) and was disclosed by Taiwan's TWCERT with a CVSS 4.0 score of 8.7. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.