Techtimes
Seiko SkyBridge IoT Routers Face Permanent OS Injection Vulnerability
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Seiko Solutions' SkyBridge MB-A100 and MB-A110 routers are affected by a high-severity OS command injection vulnerability (CVE-2026-50043) disclosed on July 1, 2026. The flaw allows authenticated attackers to execute arbitrary OS commands via the web administration interface. Seiko has confirmed that no firmware patch will be released, leaving these devices permanently vulnerable. This is the third significant OS command injection vulnerability discovered in this product line, following CVE-2022-36556 and CVE-2025-29635. Organizations using these routers are advised to take immediate action to mitigate risks, as the devices may still retain default credentials or weak passwords. The vulnerability has a CVSS base score of 8.6, indicating a high severity level. The advisory was coordinated by JPCERT/CC and Japan's Information-Technology Promotion Agency.
Key Points: • SkyBridge MB-A100 and MB-A110 routers have a critical OS command injection vulnerability. • No firmware patch will be released, leaving devices permanently vulnerable. • Organizations are urged to change default credentials and limit access to mitigate risks.