NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2025-41281

Summary	Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector is configured.
Publication Date	May 29, 2026, 9:16 p.m.
Registration Date	May 30, 2026, 4:14 a.m.
Last Update	May 29, 2026, 11:06 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-41281	prodsec@nozominetworks.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-78	OSコマンド・インジェクション	https://cwe.mitre.org/data/definitions/78.html