2897 matches found
EUVD-2025-209996
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
CVE-2025-41276
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
CVE-2025-41276
CVE-2025-41276 affects Waterfall WF-500 TX and RX Hosts (Console WebUI) running version 7.9.1.0 R2502171040. Nozomi Networks Labs identifies CWE-78 (OS Command Injection) allowing remote unauthenticated attackers to execute arbitrary operating system commands on the device. The vulnerability is t...
CVE-2025-41275
The CVE-2025-41275 entry concerns Waterfall WF-500 TX and RX Hosts (Console WebUI) with a CWE-78 OS command injection in version 7.9.1.0 R2502171040. The root cause is improper neutralization of special elements in the OS command flow, enabling remote unauthenticated attackers to execute arbitrar...
CVE-2025-41275
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
CVE-2025-41275
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
CVE-2025-41274
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
EUVD-2025-209994
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
CVE-2025-41274
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
CVE-2025-41274
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
CVE-2025-41274
Waterfall WF-500 TX and RX Hosts (Console WebUI) with version 7.9.1.0 R2502171040 is affected by a CWE-78 OS Command Injection vulnerability. Nozomi Networks Labs identifies that remote, unauthenticated attackers can execute arbitrary operating system commands on the device via the Console WebUI....
CVE-2025-41273
Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to bypass authentication of the Console web application and...
CVE-2025-41272
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
CVE-2025-41272
The CVE-2025-41272 entry describes a CWE-78 OS Command Injection in the Waterfall WF-500 TX and RX Hosts Console WebUI (version 7.9.1.0 R2502171040). The vulnerability allows remote unauthenticated attackers to execute arbitrary operating system commands on the device through the Console WebUI, i...
CVE-2025-41272
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...
CVE-2025-41271
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...
CVE-2025-41271
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...
EUVD-2025-209991
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...
CVE-2025-41270
CVE-2025-41270 affects Waterfall WF-500 TX and RX Hosts (version 7.9.1.0 R2502171040). The vulnerability is in the Console WebUI and stems from CWE-78, Improper Neutralization of Special Elements used in an OS Command (OS Command Injection). It allows remote unauthenticated attackers to execute a...
CVE-2025-41270
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...