CVE-2025-41275 | Waterfall WF-500 up to 7.9.1.0 R2502171040 Console WebUI os command injection
ID: 3741c280-7faa-520f-86c3-4fe11ef779d8
STIX ID: report--3741c280-7faa-520f-86c3-4fe11ef779d8
Feed Name: VulDB Recent Entries
Threat Score
This advisory documents CVE-2025-41275: a critical (CVSS 9.8) OS command injection in the Console WebUI of Waterfall WF-500 (up to 7.9.1.0) that allows remote unauthenticated attackers to execute arbitrary OS commands; Nozomi Networks Labs disclosed the issue and no public exploit or mitigation is currently known.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.