CVE-2025-50753: n/a
Mitrastar GPT-2741GNAC-N2 devices are provided with access through SSH into a restricted default shell. The command "deviceinfo show file" is supposed to be used from the restricted shell to show files and directories. Providing " /bin/sh" (quotes included) as the argument of this command will drop a root shell.
AI Analysis
Technical Summary
CVE-2025-50753 is a privilege escalation vulnerability affecting Mitrastar GPT-2741GNAC-N2 devices. These devices provide SSH access to users through a restricted default shell environment. Within this restricted shell, users are intended to execute the command "deviceinfo show file" to view files and directories. However, if an attacker supplies the argument " /bin/sh" (including the quotes) to this command, the device spawns a root shell instead of keeping the user in the restricted environment. This allows an attacker with SSH access to escape the restricted shell and gain root-level privileges on the device. The vulnerability does not require any additional authentication beyond SSH access, and no user interaction beyond command input is needed. There is no CVSS score assigned yet, and no patches or known exploits in the wild have been reported as of the publication date. The affected versions are not explicitly specified, but the vulnerability is tied to the Mitrastar GPT-2741GNAC-N2 device model. This vulnerability represents a critical security flaw because it allows privilege escalation from a restricted user to root, potentially enabling full control over the device and any network it is connected to.
Potential Impact
For European organizations, this vulnerability could have significant consequences, especially for those using Mitrastar GPT-2741GNAC-N2 devices as part of their network infrastructure, such as ISPs, enterprises, or critical infrastructure providers. An attacker exploiting this vulnerability could gain root access to the device, allowing them to manipulate network traffic, install persistent malware, disrupt services, or use the device as a pivot point for further attacks within the network. This could lead to confidentiality breaches, integrity violations, and availability disruptions. Given that these devices are often used in broadband or enterprise network gateways, the compromise could affect large numbers of end users or critical business systems. Because nothing beyond SSH access is required, any compromised or weak SSH credentials could be leveraged to fully compromise the device. This elevates the risk for organizations with inadequate SSH access controls or monitoring. Additionally, the absence of a patch at the time of disclosure increases the window of exposure. The impact is particularly severe in sectors where network reliability and data confidentiality are paramount, such as finance, healthcare, and government services within Europe.
Mitigation Recommendations
Organizations should immediately audit their network infrastructure to identify the presence of Mitrastar GPT-2741GNAC-N2 devices. Until a vendor patch is available, it is critical to restrict SSH access to these devices to trusted administrators only, ideally through network segmentation and VPNs. Implement strict SSH authentication mechanisms such as key-based authentication with strong passphrases, and disable password-based logins. Monitoring and logging of SSH sessions should be enhanced to detect any suspicious command usage, especially attempts to invoke "deviceinfo show file" with unusual arguments. Network administrators should consider disabling or further limiting the restricted shell environment where possible, or replacing the device with a more secure alternative if feasible. Regularly check for vendor advisories and apply patches as soon as they become available. Additionally, employing network intrusion detection systems (NIDS) that can identify anomalous shell escapes or privilege escalations can provide early warning. Finally, conduct security awareness training for administrators to recognize and respond to potential exploitation attempts.
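One way to implement the session monitoring recommended above, as an added example that is not part of the original advisory. The transcript format (timestamp, user@host, prompt, command), as a bastion host might record it, is an assumption; the sample lines are constructed, and `EXEC_DIRS` and the function names are hypothetical.

```python
import re
import shlex

# Restricted-shell command named in the advisory; group 1 is the raw argument text.
CMD = re.compile(r'\bdeviceinfo\s+show\s+file\b(.*)$')
# Assumption: a file viewer has no legitimate reason to target executable directories.
EXEC_DIRS = ("/bin/", "/sbin/", "/usr/bin/", "/usr/sbin/")

def suspicious_reasons(line):
    """Return the reasons a transcript line looks like misuse of the command."""
    m = CMD.search(line)
    if not m:
        return []
    raw = m.group(1)
    reasons = []
    if '"' in raw or "'" in raw:
        reasons.append("quoted argument")
    try:
        tokens = shlex.split(raw)        # honours quoting like a shell would
    except ValueError:
        tokens = raw.split()
        reasons.append("unbalanced quotes")
    for tok in tokens:
        path = tok.strip()
        if tok != path:
            reasons.append("whitespace-padded argument")
        if path.startswith(EXEC_DIRS):
            reasons.append("argument is an executable path")
    return list(dict.fromkeys(reasons))  # de-duplicate, keep order

def scan(lines):
    """Return (line_number, reasons) for every flagged transcript line."""
    return [(i, r) for i, line in enumerate(lines, 1)
            if (r := suspicious_reasons(line))]

# Constructed sample transcript (format is an assumption, not device output).
SAMPLE = [
    '2025-08-26T10:01:02Z admin@203.0.113.10 > deviceinfo show file /var/log/messages',
    '2025-08-26T10:01:40Z admin@203.0.113.10 > deviceinfo show file " /bin/sh"',
    '2025-08-26T10:02:05Z admin@203.0.113.10 > help',
]

if __name__ == "__main__":
    for lineno, reasons in scan(SAMPLE):
        print(f"line {lineno}: {', '.join(reasons)}")
```
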
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Poland, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-06-16T00:00:00.000Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 68adbb04ad5a09ad00589354
Added to database: 8/26/2025, 1:47:48 PM
Last enriched: 8/26/2025, 2:03:24 PM
Last updated: 8/26/2025, 2:03:24 PM