CVE-2025-6560 CRITICAL

CVE-2025-6560: Sapido Wireless Router - Exposure of Sensitive Information

Vendor Sapido
Product BR071n
Weakness CWE-256
Published June 24, 2025
Last update June 24, 2025

CVSS base score

9.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Multiple wireless router models from Sapido have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials.  The affected models are out of support; replacing the device is recommended.

Key dates

02Disclosure timeline

June 24, 2025 CVE published
June 24, 2025 Record updated