CVE-2025-41270 | Waterfall WF-500 up to 7.9.1.0 R2502171040 Console WebUI os command injection
ID: 0a88ff55-5808-5c5b-9d2f-36eb184e2982
STIX ID: report--0a88ff55-5808-5c5b-9d2f-36eb184e2982
Feed Name: VulDB Recent Entries
Threat Score
A critical OS command injection vulnerability (CVE-2025-41270) in the Console WebUI of Waterfall WF-500 (up to 7.9.1.0) allows remote unauthenticated arbitrary operating system command execution; it is rated CVSS 9.8, disclosed by Nozomi Networks Labs, and currently has no public exploit or documented mitigation.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.