rootio-linux: Unauthenticated Command Execution through HTTP Request

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-linux: Unauthenticated Command Execution through HTTP Request

ROOT-OS-UBUNTU-2404-CVE-2025-21854

Summary

A bug in the rootio-linux package allows hackers to execute arbitrary system commands without needing a password. This affects the Ubuntu 24.04 version of rootio-linux. Update to the latest patched version to prevent unauthorized access.

What to do

Update rootio-linux to version 6.8.0-107.107.root.io.60.
Update rootio-linux to version 6.8.0-110.110.root.io.62.

Affected software

Ecosystem	Vendor	Product	Affected versions
Root:Ubuntu:24.04	–	rootio-linux	< 6.8.0-107.107.root.io.60 < 6.8.0-110.110.root.io.62 Fix: upgrade to 6.8.0-107.107.root.io.60

Original title

CVE-2025-21854 in rootio-linux - Patched by Root

Original description

Root has patched CVE-2025-21854 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available.

Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 9 Apr 2026