Armis Logo< Back

CVE-2019-25483:

Restricted shell escape vulnerability in Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k allows local users to bypass command restrictions.


Score
Info
A numerical rating that indicates how dangerous this vulnerability is.

8.4High
  • Published Date:Mar 11, 2026
  • CISA KEV Date:*No Data*
  • Industries Affected:20

Exploitability

  • Score:2.5
  • Attack Vector:LOCAL
  • Attack Complexity:LOW
  • Privileges Required:NONE
  • User Interaction:NONE
  • Scope:UNCHANGED

Impact

  • Score:5.9
  • Confidentiality Impact:HIGH
  • Integrity Impact:HIGH
  • Availability Impact:HIGH

Description Preview

Restricted shell escape vulnerability in Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k allows local users to bypass command restrictions.

Overview

The Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k contains a critical security flaw that enables local users to escape the restricted shell environment. This vulnerability is classified as CWE-306, which relates to missing authentication for critical functions. The issue stems from insufficient input validation, allowing attackers to use command substitution to execute arbitrary commands. With a CVSS v4.0 base score of 8.6 and a v3.1 score of 8.4, both rated as HIGH severity, this vulnerability poses a significant risk to affected systems. The exploit requires local access but no privileges or user interaction, potentially leading to complete compromise of the device's confidentiality, integrity, and availability.

Remediation

  • As of the vulnerability disclosure, no official patch or remediation strategy has been announced. However, network administrators and users of affected Comtrend AR-5310 devices should consider the following interim measures:
  • 1. Restrict physical and network access to the device to trusted individuals only.
  • 2. Monitor device logs for suspicious command execution or unusual activity.
  • 3. Implement network segmentation to isolate affected devices.
  • 4. Regularly check for firmware updates from Comtrend and apply them promptly when available.
  • 5. Consider replacing the affected device with a more secure alternative if a patch is not forthcoming.
  • It is crucial to stay informed about any updates or patches released by Comtrend to address this vulnerability.

References

Industries Affected

Below is a list of industries most commonly impacted or potentially at risk based on intelligence.

Low
Mining icon
Mining
Utilities icon
Utilities
Information icon
Information
Construction icon
Construction
Retail Trade icon
Retail Trade
Manufacturing icon
Manufacturing
Wholesale Trade icon
Wholesale Trade
Educational Services icon
Educational Services
Finance and Insurance icon
Finance and Insurance
Public Administration icon
Public Administration
Real Estate Rental and Leasing icon
Real Estate Rental and Leasing
Transportation and Warehousing icon
Transportation and Warehousing
Accommodation and Food Services icon
Accommodation and Food Services
Health Care and Social Assistance icon
Health Care and Social Assistance
Arts, Entertainment, and Recreation icon
Arts, Entertainment, and Recreation
Management of Companies and Enterprises icon
Management of Companies and Enterprises
Agriculture, Forestry, Fishing and Hunting icon
Agriculture, Forestry, Fishing and Hunting
Other Services (except Public Administration) icon
Other Services (except Public Administration)
Professional, Scientific, and Technical Services icon
Professional, Scientific, and Technical Services
Administrative and Support and Waste Management and Remediation Services icon
Administrative and Support and Waste Management and Remediation Services

Focus on What Matters

See everything.Identify true risk.Proactively mitigate threats.Book a Demo

Let's talk!