{“lastseen”:””,”description”:”E3 Site Supervisor Control (firmware version \\u003c 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the underlying OS.”,”published”:”2025-09-02T11:26:08.636Z”,”modified”:”2025-09-02T11:26:08.636Z”,”type”:”cve”,”title”:”Enabling SSH and Shellinabox on the vulnerable machine”,”source”:”Armis”,”references”:”https:\/\/www.armis.com\/research\/frostbyte10\/”,”id”:”CVE-2025-52548″,”bulletinFamily”:””,”cwe”:[“CWE-1242″],”cvelist”:null,”sourceData”:”Copeland LP E3 Supervisory Control 0″,”sourceHref”:””,”cvss”:{“score”:6.9,”severity”:”MEDIUM”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:H\/UI:N\/VC:N\/VI:H\/VA:N\/SC:N\/SI:N\/SA:N”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”E3 Supervisory Control”,”version”:”0″,”vendor”:”Copeland LP”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”E3 Site Supervisor Control (firmware version \\u003c 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,48,12,21,13,7,11,5],"class_list":["post-15428","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-69","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n