Rootio-Linux: Unauthenticated File Upload Allows Remote Code Execution

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Rootio-Linux: Unauthenticated File Upload Allows Remote Code Execution

ROOT-OS-DEBIAN-11-CVE-2025-37911

Summary

A security fix has been released for Rootio-Linux to prevent attackers from uploading malicious files without proper authorization, potentially allowing them to run arbitrary code on your system. This issue was patched by the Root team, and you should update your Rootio-Linux package to the latest version to stay secure. If you haven't already, update your system to take advantage of the fix.

What to do

Update rootio-linux to version 5.10.247-1.root.io.42.

Affected software

Vendor	Product	Affected versions	Fix available
–	rootio-linux	<= 5.10.247-1.root.io.42	5.10.247-1.root.io.42

Original title

CVE-2025-37911 in rootio-linux - Patched by Root

Original description

Root has patched CVE-2025-37911 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available.

Published: 6 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026