Description
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating system commands on the device.
Published: 2026-05-29
Score: 9.3 Critical
EPSS: 1.0% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The CVE identifies an OS Command Injection flaw in the web‑based console of Waterfall WF‑500 TX and RX host devices. Input accepted by the console is passed directly to the operating system shell, allowing an attacker who can reach the web interface to execute arbitrary operating‑system commands. The vulnerability exists in firmware version 7.9.1.0 R2502171040.

Affected Systems

Waterfall WF‑500 TX and RX hosts running firmware 7.9.1.0 R2502171040 are affected. These devices provide network interface functionality and are managed via the console web UI.

Risk and Exploitability

The flaw has a CVSS score of 9.3, indicating critical severity. It can be exploited remotely without authentication; only network connectivity to the console interface is required. The EPSS score of 1% suggests a modest likelihood of exploitation, and the vulnerability is not listed in the CISA KEV catalog. Nevertheless, the ability to execute arbitrary system commands presents high impact.

Generated by OpenCVE AI on May 29, 2026 at 15:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the device firmware to a version that includes the OS command injection fix.
  • Restrict access to the console web UI to trusted IP addresses or a dedicated management network.
  • If a firmware update cannot be applied immediately, disable remote console access or restrict it to a firewall‑protected management subnet.

Generated by OpenCVE AI on May 29, 2026 at 15:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Waterfall
Waterfall wf-500
Vendors & Products Waterfall
Waterfall wf-500

Fri, 29 May 2026 15:45:00 +0000

Type Values Removed Values Added
Title OS Command Injection Vulnerability in Waterfall WF-500 Console WebUI

Fri, 29 May 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 29 May 2026 12:45:00 +0000

Type Values Removed Values Added
Title OS Command Injection Vulnerability in Waterfall WF-500 Console WebUI

Fri, 29 May 2026 11:45:00 +0000

Type Values Removed Values Added
Description Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating system commands on the device.
Weaknesses CWE-78
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Waterfall Wf-500
cve-icon MITRE

Status: PUBLISHED

Assigner: Nozomi

Published:

Updated: 2026-05-29T13:42:26.930Z

Reserved: 2025-04-16T09:53:41.254Z

Link: CVE-2025-41272

cve-icon Vulnrichment

Updated: 2026-05-29T13:42:22.021Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-29T12:16:23.570

Modified: 2026-05-29T14:06:26.220

Link: CVE-2025-41272

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T15:46:58Z

Weaknesses