EUVD-2025-209986

🗓️ 29 May 2026 10:48:08Reported by EUVDType

Waterfall WF-500 administration interface flaw enables attackers to execute arbitrary system commands.

Reporter	Title	Published	Views	Family All 7
ATTACKERKB	CVE-2025-41266	29 May 202610:48	–	attackerkb
CNNVD	Waterfall WF-500 操作系统命令注入漏洞	29 May 202600:00	–	cnnvd
CVE	CVE-2025-41266	29 May 202610:48	–	cve
Cvelist	CVE-2025-41266	29 May 202610:48	–	cvelist
NVD	CVE-2025-41266	29 May 202612:16	–	nvd
Positive Technologies	PT-2026-44804	29 May 202600:00	–	ptsecurity
Vulnrichment	CVE-2025-41266	29 May 202610:48	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "f6ad23fb-85b9-3ef0-983c-8c2392870a2b",
        "vendor": {
          "name": "Waterfall"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "5d92b000-7689-3308-bf5f-516e38e1f3cc",
        "product": {
          "name": "WF-500",
          "vendor": {
            "name": "Waterfall"
          }
        },
        "product_version": "0 ≤7.9.1.0 R2502171040"
      }
    ]
  }
]

Source	Link
nozominetworks	www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-41266

29 May 2026 14:33Current

6.1Medium risk

Vulners AI Score6.1

CVSS 48.6

EPSS0.00306

SSVC