Browse all 5 CVE security advisories affecting Sapido. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sapido develops networking equipment including routers and access points for small businesses and home users. Historically, their products have been vulnerable to multiple remote code execution flaws, cross-site scripting, and privilege escalation vulnerabilities. The company has recorded five CVEs, with several allowing unauthenticated attackers to execute arbitrary commands or bypass security controls. Sapido devices have been identified in botnets due to unpatched vulnerabilities, highlighting ongoing security concerns. Their products often default to weak credentials and lack proper input validation, making them attractive targets for exploitation. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential for significant compromise if deployed without proper hardening.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-25487 | SAPIDO RB-1732 V2.0.43 Remote Command Execution via formSysCmd — RB-1732CWE-639 | 9.8 | Critical | 2026-03-11 |
| CVE-2025-7554 | Sapido RB-1802 URL Filtering Page urlfilter.asp cross site scripting — RB-1802CWE-79 | 2.4 | Low | 2025-07-14 |
| CVE-2025-6560 | Sapido Wireless Router - Exposure of Sensitive Information — BR071nCWE-256 | 9.8 | Critical | 2025-06-24 |
| CVE-2025-6559 | Sapido Wireless Router - OS Command Injection — BR071nCWE-78 | 9.8 | Critical | 2025-06-24 |
| CVE-2021-4242 | Sapido BR270n/BRC76n/GR297/RB1732 syscmd.htm os command injection — BR270nCWE-707 | 6.3 | Medium | 2022-11-30 |
This page lists every published CVE security advisory associated with Sapido. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.